Summary
Anthropic patched three vulnerabilities in its official Git MCP server that allowed attackers to delete files, leak data, and execute code via prompt injection. The flaws affected default installations and require no system credentials to exploit.
Take Action:
Be aware that all MCP servers are vulnerable various prompt injections. Always add filtering and validation to all inputs to the AI Agent and to the MCP server. If you are using Anthropic mcp-server-git, update it to version 2025.12.18 ASAP and avoid running Git and filesystem MCP servers on the same host.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)