CVE-2025-68143
CVE-2025-68143 affects the mcp-server-git component. Prior to 2025.9.25, the git_init tool accepted arbitrary filesystem paths and could create Git repositories in any directory accessible to the server process without validating the target location, enabling repository creation at unintended loc...