Three critical security vulnerabilities have been identified in Anthropic's official mcp-server-git, posing significant risks through prompt injection attacks. The vulnerabilities, labeled CVE-2025-68143, CVE-2025-68145, and CVE-2025-68144, allow attackers to exploit the system using malicious README files or compromised web pages without needing direct system access. These flaws enable arbitrary code execution, file deletion, and unauthorized file reading within a large language model context.
The vulnerabilities include unrestricted git initialization, path validation bypass, and parameter injection in git_diff. Notably, the lack of path validation for the repo_path parameter allows attackers to create Git repositories in any system directory. Additionally, configuring a clean filter in .git/config can lead to shell command execution without explicit permissions. Anthropic has addressed these issues by releasing a patch on December 17, 2025, and urges users to update to version 2025.12.18 or later to mitigate risks.
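The three flaw classes summarized above map to three input checks a git tool server can apply before touching a repository. The following is an added example written for this article, not Anthropic's patch or any mcp-server-git code; the function names, the `ALLOWED_ROOTS` allow-list and the sample config text are assumptions constructed for illustration.

```python
"""Defensive input checks for a git MCP tool server (illustrative, not mcp-server-git's code)."""
import re
from pathlib import Path

# Assumed allow-list of directories the server may operate on; adjust per deployment.
ALLOWED_ROOTS = ["/srv/repos"]

_SECTION = re.compile(r'^\s*\[(?P<name>[\w.-]+)(?:\s+"(?P<sub>[^"]*)")?\]\s*$')
_KEY = re.compile(r'^\s*(?P<key>[\w-]+)\s*=\s*(?P<val>.*?)\s*$')


def validate_repo_path(repo_path: str, allowed_roots=ALLOWED_ROOTS) -> Path:
    """Resolve repo_path (following symlinks) and require it to sit under an allowed root.

    This closes the "initialize a repository in any directory" case: a prompt-injected
    repo_path pointing outside the allow-list is rejected instead of being honoured.
    """
    resolved = Path(repo_path).resolve()
    for root in allowed_roots:
        root = Path(root).resolve()
        if resolved == root or root in resolved.parents:
            return resolved
    raise PermissionError(f"repo_path {repo_path!r} is outside the allowed roots")


def find_clean_filters(config_text: str) -> list[tuple[str, str]]:
    """Return (filter name, command) for every filter.<name>.clean entry in a git config.

    A repository-local clean filter is a shell command git runs on its own, so a server
    should refuse, or at least flag, repositories whose .git/config defines one.
    """
    found, section, sub = [], None, None
    for line in config_text.splitlines():
        m = _SECTION.match(line)
        if m:
            section, sub = m.group("name").lower(), m.group("sub")
            continue
        k = _KEY.match(line)
        if k and section == "filter" and k.group("key").lower() == "clean":
            found.append((sub or "", k.group("val")))
    return found


def safe_diff_argv(target: str) -> list[str]:
    """Build argv for `git diff <target>`, refusing option-looking or control-char input."""
    if not target or target.startswith("-") or any(c in target for c in "\0\n"):
        raise ValueError(f"refusing diff target {target!r}")
    return ["git", "diff", target]
```

Run `find_clean_filters` on the text of `<repo>/.git/config` after `validate_repo_path` has accepted the path and before any git subprocess is spawned.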
Security Flaws Found in Anthropic's Git MCP Server
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct your own research and consult with a qualified financial advisor before making any investment decisions.
