Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Cvelist
Cvelistadded 2025/12/17 10:12 p.m.18 views

CVE-2025-68145 mcp-server-git has missing path validation when using --repository flag

In mcp-server-git versions prior to 2025.12.17, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...

6.4CVSS0.00177EPSS
Exploits0References1
CVE
CVEadded 2025/12/17 10:12 p.m.7 views

CVE-2025-68145

CVE-2025-68145 affects mcp-server-git. Prior to 2025.12.17, when started with --repository to constrain to a single repo, the server did not validate that repo_path arguments in subsequent tool calls stayed within the configured path, potentially allowing operations on other repositories accessib...

9.1CVSS6.3AI score0.00177EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder