CVE-2025-68144
Unknown Unknown - Not Provided

Command Injection in mcp-server-git Allows Arbitrary File Overwrite

Vulnerability report for CVE-2025-68144, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-17

Last updated on: 2026-04-14

Assigner: GitHub, Inc.

Description

In mcp-server-git versions prior to 2025.12.17, the git_diff and git_checkout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values (e.g., `--output=/path/to/file` for `git_diff`) would be interpreted as command-line options rather than git refs, enabling arbitrary file overwrites. The fix adds validation that rejects arguments starting with - and verifies the argument resolves to a valid git ref via rev_parse before execution. Users are advised to update to 2025.12.17 resolve this issue when it is released.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-17
Last Modified
2026-04-14
Generated
2026-07-06
AI Q&A
2025-12-18
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
lfprojects model_context_protocol_servers to 2025.12.17 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-88 The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in mcp-server-git versions prior to 2025.12.17, where the git_diff and git_checkout functions pass user-controlled arguments directly to git CLI commands without sanitization. This allows specially crafted inputs that look like command-line options (e.g., --output=/path/to/file) to be interpreted as options rather than git references, enabling an attacker to overwrite arbitrary files. The issue is fixed in version 2025.12.17 by adding validation to reject arguments starting with '-' and verifying that arguments resolve to valid git references before execution.

Impact Analysis

This vulnerability can allow an attacker to overwrite arbitrary files on the system by passing malicious arguments to git_diff or git_checkout functions. This could lead to unauthorized modification of files, potentially compromising system integrity, causing data loss, or enabling further attacks.

Mitigation Strategies

Update mcp-server-git to version 2025.12.17 or later, as this version includes a fix that validates user arguments to prevent arbitrary file overwrites.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68144. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart