Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Veracode
Veracodeadded 2026/03/02 6:52 p.m.2 views

Directory Traversal

mcp-server-git is vulnerable to Directory Traversal. The vulnerability is due to the gitinit tool accepting arbitrary filesystem paths and creating Git repositories without validating the target location, where an attacker can exploit this to create repositories at arbitrary locations, and...

8.8CVSS6.1AI score0.00034EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVEadded 2025/12/18 10:37 p.m.2 views

CVE-2025-68143

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

6.5CVSS6.9AI score0.00034EPSS
Exploits0References1
NVD
NVDadded 2025/12/17 11:16 p.m.2 views

CVE-2025-68143

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

8.8CVSS0.00034EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/12/17 10:9 p.m.2 views

CVE-2025-68143 mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

6.5CVSS6.5AI score0.00034EPSS
Exploits0References2
CVE
CVEadded 2025/12/17 10:9 p.m.14 views

CVE-2025-68143

The CVE-2025-68143 issue affects mcp-server-git: prior to 2025.9.25, the git_init tool accepts arbitrary filesystem paths and can create Git repositories without validating the target location. This means the server could operate on any directory accessible to the process, enabling repository cre...

8.8CVSS6.5AI score0.00034EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2025/12/17 7:49 p.m.4 views

GHSA-5CGR-J3JF-JW3V mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations

In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other tools which required an existing repository, gitinit could operate on any directory accessible to the server proces...

6.5CVSS6.8AI score0.00034EPSS
Exploits0References4
Snyk
Snykadded 2025/12/17 7:49 p.m.1 views

Directory Traversal

Overview mcp-server-git is an A Model Context Protocol server providing tools to read, search, and manipulate Git repositories programmatically via LLMs Affected versions of this package are vulnerable to Directory Traversal via the gitinit tool. An attacker can create repositories at arbitrary...

8.8CVSS7.3AI score0.00034EPSS
Exploits0References2
Rows per page
Query Builder