Impact
A command injection flaw exists in the minimal_wrapper.py module of kubectl-mcp-server version 1.2.0. The attacker can inject arbitrary shell metacharacters, causing the underlying operating system to execute commands supplied by the attacker. This leads to uncontrolled modification, execution, or deletion of data, with full compromise of confidentiality, integrity, and availability. The weakness is a classic example of CWE‑94, reflected in the high CVSS score of 9.8.
Affected Systems
Only kubectl‑mcp‑server running the vulnerable 1.2.0 release is affected, specifically when the minimal_wrapper.py component is active and used for command execution. No vendor or product mapping is provided by the CNA, so any system that has installed this version and exposes the wrapper remains at risk.
Risk and Exploitability
The CVSS score of 9.8 coupled with an EPSS score of 2% indicates a significant, though not extreme, exploitation probability. The vulnerability is not listed in CISA’s KEV catalog. Based solely on the description, the likelihood is that an attacker with network or local access to the host running the wrapper can provide malicious input that is passed directly to the shell, resulting in arbitrary command execution.
OpenCVE Enrichment