CVE-2025-68144
Command Injection in mcp-server-git Allows Arbitrary File Overwrite

Publication date: 2025-12-17

Last updated on: 2026-04-14

Assigner: GitHub, Inc.

Description
In mcp-server-git versions prior to 2025.12.17, the git_diff and git_checkout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values (e.g., `--output=/path/to/file` for `git_diff`) were interpreted as command-line options rather than as git refs, enabling arbitrary file overwrites. The fix adds validation that rejects arguments starting with `-` and verifies that the argument resolves to a valid git ref via rev_parse before execution. Users are advised to update to 2025.12.17 to resolve this issue once it is released.
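The following added example (not mcp-server-git's own code) shows the unsafe pattern the advisory describes beside a check in the shape of the fix: reject option-looking values, then let `git rev-parse --verify` confirm the value names a real ref. The function names, the injectable runner and the sample ref names are assumptions for illustration.

```python
import subprocess
from typing import Callable, Sequence


class InvalidRefError(ValueError):
    """Raised when a caller-supplied argument must not be passed to git."""


def vulnerable_diff_argv(target: str) -> list[str]:
    """Unsafe pattern (hypothetical): the value lands in argv unchanged,
    so '--output=/path' is parsed by git as an option, not as a ref."""
    return ["git", "diff", target]


# Runner abstraction so the validation can be exercised without a repo.
RunFn = Callable[[Sequence[str]], int]


def _run_git(argv: Sequence[str]) -> int:
    """Real runner: exit status of the git command (0 = ref exists)."""
    return subprocess.run(list(argv), capture_output=True).returncode


def validate_ref(repo_dir: str, value: str, run: RunFn = _run_git) -> str:
    """Two-step check mirroring the advisory's fix."""
    # 1. Anything starting with '-' could be an option: refuse it outright,
    #    before it can reach any git invocation (including rev-parse itself).
    if not value or value.startswith("-"):
        raise InvalidRefError(f"refusing flag-like or empty argument: {value!r}")
    # 2. Ask git whether the value resolves to a real object; --verify demands
    #    exactly one valid name, --quiet keeps stderr clean on failure.
    status = run(["git", "-C", repo_dir, "rev-parse", "--verify", "--quiet", value])
    if status != 0:
        raise InvalidRefError(f"{value!r} does not resolve to a git ref")
    return value


def hardened_diff_argv(repo_dir: str, target: str, run: RunFn = _run_git) -> list[str]:
    """Only a validated ref is ever placed into the diff command line."""
    return ["git", "-C", repo_dir, "diff", validate_ref(repo_dir, target, run)]


def rejects(repo_dir: str, value: str, run: RunFn = _run_git) -> bool:
    """True if the hardened path refuses the value (used for offline checks)."""
    try:
        hardened_diff_argv(repo_dir, value, run)
        return False
    except InvalidRefError:
        return True


# Constructed stand-in for git: pretends these refs exist in the repository.
KNOWN_REFS = {"HEAD", "main", "feature/login"}


def fake_git(argv: Sequence[str]) -> int:
    return 0 if argv[-1] in KNOWN_REFS else 1
```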
Affected Vendors & Products
Showing 1 associated CPE
Vendor: lfprojects | Product: model_context_protocol_servers | Version / Range: up to 2025.12.17 (excluding)
CWE
CWE-88: The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
Executive Summary

This vulnerability exists in mcp-server-git versions prior to 2025.12.17, where the git_diff and git_checkout functions pass user-controlled arguments directly to git CLI commands without sanitization. This allows specially crafted inputs that look like command-line options (e.g., --output=/path/to/file) to be interpreted as options rather than git references, enabling an attacker to overwrite arbitrary files. The issue is fixed in version 2025.12.17 by adding validation to reject arguments starting with '-' and verifying that arguments resolve to valid git references before execution.

Impact Analysis

This vulnerability can allow an attacker to overwrite arbitrary files on the system by passing malicious arguments to git_diff or git_checkout functions. This could lead to unauthorized modification of files, potentially compromising system integrity, causing data loss, or enabling further attacks.

Mitigation Strategies

Update mcp-server-git to version 2025.12.17 or later, as this version includes a fix that validates user arguments to prevent arbitrary file overwrites.
