Product

Mcp-Server-Kubernetes (< 3.6.0)

1 brief RSS

MCP Server Kubernetes Tool Access Control Bypass (CVE-2026-46519)

MCP Server Kubernetes versions before 3.6.0 have an access control bypass vulnerability (CVE-2026-46519) where tool access controls are enforced only at the discovery layer, allowing authenticated clients to invoke any Kubernetes tool regardless of configured restrictions, potentially leading to cluster compromise.

mcp-server-kubernetes access-control-bypass privilege-escalation kubernetes cloud

2r 2t 1h ago