Moole Vulnerability Database

Find real vulnerabilities before they ship

Critical

CVE-2025-65719

An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page.

VectorNETWORK

PublishedMay 12, 2026, 17:16

Published Bycve@mitre.org

Base Score

Score9.8

Affected Versions

No affected versions found.

References

https://github.com/rohitg00/kubectl-mcp-server
https://www.ox.security/blog/cve-2025-65719-critical-rce-in-kubectl-mcp-server/
https://www.ox.security/blog/kubectl-mcp-server-remote-code-execution

Weakness Type

CWE-94

CVSS Metrics

Base Score

9.8

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base SeverityCritical

Version

3.1

Attack Vector (AV)

NETWORK