CVE-2025-65719 | THREATINT

Description

An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page.

PUBLISHED Reserved 2025-11-18 | Published 2026-05-12 | Updated 2026-05-13 | Assigner mitre

References

github.com/rohitg00/kubectl-mcp-server

www.ox.security/.../kubectl-mcp-server-remote-code-execution

www.ox.security/...65719-critical-rce-in-kubectl-mcp-server/

cve.org (CVE-2025-65719)

nvd.nist.gov (CVE-2025-65719)

Download JSON