Site icon Fix I.T. Phill – Your Go-To Tech Guru

July 10 Admin Tool CVE Radar: HestiaCP and Kubernetes MCP

Admin tool CVE radar checklist for HestiaCP and Kubernetes MCP updates

Admin tool CVE radar checklist for HestiaCP and Kubernetes MCP updates

Update for July 10, 2026 at 20:00 UTC: this radar pass did not find a new CISA Known Exploited Vulnerabilities catalog addition after the Joomla extension update published earlier today. It did find fresh NVD entries that matter to hosting, server, and Kubernetes operators: CVE-2025-30007 for HestiaCP and CVE-2026-61459 for mcp-server-kubernetes.

There is also a live Progress ShareFile Storage Zone Controller incident. Public sources available during this pass did not tie that incident to a new CVE, so treat it as an operations and incident-response watch item rather than a confirmed new CVE.

What Changed Since The Last Pass

HestiaCP CVE-2025-30007

HestiaCP is directly in the hosting-control-panel lane, so this one should get same-day review on any server where customers, resellers, contractors, or low-trust staff can access the panel. NVD describes the issue as a high-severity authenticated command-injection class vulnerability. The practical administrator takeaway is simple: HestiaCP systems older than 1.9.5 need an update window.

The HestiaCP GitHub release history confirms 1.9.5 shipped on May 28, 2026, with security and input-handling improvements, and 1.9.6 is available as the latest service release from May 29, 2026. If you manage HestiaCP, update to the current supported release rather than stopping at the first fixed version unless you have a compatibility reason.

Admin Checklist

mcp-server-kubernetes CVE-2026-61459

NVD published CVE-2026-61459 as a critical issue in mcp-server-kubernetes before v3.9.0. This is especially relevant for teams experimenting with AI agents and Kubernetes administration because MCP servers can sit between an AI client and sensitive cluster operations.

The project has a v3.9.0 release and, as of this pass, a newer v4.0.1 release. Operators should move forward to a current release, keep the service off the public internet, require authentication, and run it with a Kubernetes service account that has only the permissions the workflow actually needs.

Kubernetes Checklist

Progress ShareFile Watch Item

The Hacker News reported that Progress told ShareFile customers with Storage Zone Controllers to shut down those Windows servers while it responds to a credible external security threat. The ShareFile status page confirms that Storage Zone Controller customers are not operational and that the incident is under investigation as of July 10, 2026 at 12:12 p.m. EDT.

Because the public sources available during this pass do not identify a new CVE for the current ShareFile incident, FixItPhill is not treating it as a confirmed CVE item yet. If you run customer-managed ShareFile Storage Zone Controllers, follow Progress customer communications first, keep affected controllers offline until the vendor clears them, preserve logs, and prepare for a vendor-guided recovery path.

Bottom Line

For hosting admins, the highest-confidence CVE action in this pass is HestiaCP: patch panels before 1.9.5 and verify access controls. For Kubernetes and AI-tooling teams, update mcp-server-kubernetes and reduce the permissions behind the service. For ShareFile, follow the vendor shutdown and status guidance until Progress publishes a clearer technical advisory.

Exit mobile version