
Modelcontextprotocol Servers vulnerabilities

6 known vulnerabilities affecting modelcontextprotocol/servers.

Total CVEs: 6
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 4, MEDIUM 1

Vulnerabilities

CVE-2025-68145 | P2 | CRITICAL | CVSS 9.1 | fixed in 2025.12.17 | 2025-12-17
[CRITICAL] CWE-22: In mcp-server-git versions prior to 2025.12.17, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repo_path arguments in subsequent tool calls were actually within that configured path. This could allow tool calls to operate on other repositories accessible to the se
Source: nvd
CVE-2025-68143 | P3 | HIGH | CVSS 8.8 | fixed in 2025.9.25 | 2025-12-17
[HIGH] CWE-22: Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). In mcp-server-git versions prior to 2025.9.25, the git_init tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other tools which required an existing repository, git_init cou
Source: nvd
CVE-2025-68144 | P3 | HIGH | CVSS 7.1 | fixed in 2025.12.17 | 2025-12-17
[HIGH] CWE-88: In mcp-server-git versions prior to 2025.12.17, the git_diff and git_checkout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values (e.g., `--output=/path/to/file` for `git_diff`) would be interpreted as command-line options rather than git refs, enabling arbitrary file overwrites. The fix adds v
Source: nvd
CVE-2025-53109 | P3 | HIGH | CVSS 7.3 | fixed in 0.6.4 | fixed in 2025.7.01 | 2025-07-02
[HIGH] CWE-59: Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01 to resolve.
Source: nvd
CVE-2025-53110 | P3 | HIGH | CVSS 7.3 | fixed in 0.6.4 | fixed in 2025.7.01 | 2025-07-02
[HIGH] CWE-22: Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 to resolve.
Source: nvd
CVE-2026-27735 | P3 | MEDIUM | CVSS 6.5 | fixed in 2026.1.14 | 2026-02-26
[MEDIUM] CWE-22: Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). In mcp-server-git versions prior to 2026.1.14, the git_add tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool used GitPython's repo.index.add() rather than the Git
Source: nvd