Anthropic fixes three critical vulnerabilities in the MCP Git server, involving arbitrary file access and remote code execution
Jan 21, 2026 09:52:57
According to The Hacker News, Cyata researchers have disclosed three critical security vulnerabilities (CVE-2025-68143/44/45) in mcp-server-git, the MCP Git server maintained by Anthropic. The flaws can be exploited for path traversal and parameter injection, potentially leading to remote code execution.
These vulnerabilities can be weaponized through prompt injection: an attacker can trigger the attack simply by getting the AI assistant to read malicious content. The vulnerabilities have been patched in the versions released in September and December 2025. The maintainers have removed the git_init tool and strengthened path validation, and recommend that users update to the latest version as soon as possible.