Arbitrary Filesystem Path Vulnerability in Model Context Protocol Servers by Model Context Protocol
CVE-2025-68143
6.5 MEDIUM
What is CVE-2025-68143?
The git_init tool in the Model Context Protocol Servers accepted an arbitrary filesystem path without validation and initialised a Git repository at that location. Because the path was never constrained, a caller could create a Git repository in any directory the server process could write to, which in turn exposed that directory to the server's other git operations. The tool has been removed, so server operations are now restricted to existing repositories. Users should update to version 2025.9.25 or later.
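The following is an added example, not code from the Model Context Protocol Servers project. It reconstructs the pattern the advisory describes (a tool that takes a caller-supplied path and creates a repository there, hypothetically named vulnerable_git_init) next to the containment check a hardened handler would run before touching any path (hypothetically named resolve_repo_path, with an allow_list of existing repositories). All directory names are constructed inside a temporary directory and the git binary is not needed, so the script runs offline.

```python
"""
Added example, not code from the modelcontextprotocol/servers project: a hypothetical
MCP git tool handler shown two ways. `vulnerable_git_init` mimics the pre-2025.9.25
behaviour described in the advisory (any path the server process can write to is
accepted); `resolve_repo_path` is the containment check a hardened handler would run
before touching a path. All names are illustrative; the sample directories are
constructed in a temp dir so the script runs without a git binary.
"""
from __future__ import annotations

import tempfile
from pathlib import Path


def vulnerable_git_init(repo_path: str) -> Path:
    """Pre-fix behaviour (hypothetical reconstruction): the caller-supplied path is used
    as-is, so a repository skeleton appears wherever the server process may write.
    A real handler would shell out to `git init`; creating `.git/` stands in for that."""
    target = Path(repo_path)
    (target / ".git").mkdir(parents=True, exist_ok=True)
    return target


class RepoPathError(ValueError):
    """Raised when a requested path is not inside an allow-listed, existing repository."""


def resolve_repo_path(requested: str, allowed_repos: list[Path]) -> Path:
    """Canonicalise `requested` and accept it only if it lies inside one of the
    pre-configured repositories that already exist on disk.

    - resolve(strict=True) follows symlinks and `..` and refuses paths that do not
      exist, so the tool can no longer create anything new.
    - relative_to() on the resolved path is the containment check; a string prefix
      test would wrongly accept `/srv/repo-evil` for an allow-listed `/srv/repo`.
    """
    if not requested or not requested.strip():
        raise RepoPathError("empty path")
    try:
        resolved = Path(requested).resolve(strict=True)
    except (OSError, RuntimeError) as exc:  # missing path or symlink loop
        raise RepoPathError(f"{requested!r} does not exist") from exc
    for root in allowed_repos:
        root = root.resolve()
        if not (root / ".git").is_dir():
            continue  # allow-list entry is not actually a repository; ignore it
        try:
            resolved.relative_to(root)
        except ValueError:
            continue  # not inside this root
        return resolved
    raise RepoPathError(f"{requested!r} is not inside an allowed repository")


def is_rejected(path: str, allowed: list[Path]) -> bool:
    """True when the hardened check refuses `path`."""
    try:
        resolve_repo_path(path, allowed)
    except RepoPathError:
        return True
    return False


def demo() -> dict[str, bool]:
    """Build a constructed layout and exercise both handlers. Returns one flag per case;
    every flag is True when the hardened check behaves as intended."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        allowed = base / "allowed-repo"        # the one repository the server may touch
        (allowed / ".git").mkdir(parents=True)
        (allowed / "src").mkdir()
        outside = base / "outside"             # writable, but not a repository
        outside.mkdir()
        lookalike = base / "allowed-repo-evil"  # shares a string prefix with `allowed`
        lookalike.mkdir()
        escape = allowed / "escape"            # symlink inside the repo pointing outside
        escape.symlink_to(outside, target_is_directory=True)
        allow_list = [allowed]

        return {
            # The old tool happily plants a repository in an unrelated directory.
            "vulnerable_created_repo_outside":
                (vulnerable_git_init(str(outside / "pwned")) / ".git").is_dir(),
            # Hardened check: a path inside the allowed repo is accepted and canonicalised.
            "inside_accepted":
                resolve_repo_path(str(allowed / "src"), allow_list) == (allowed / "src").resolve(),
            "outside_rejected": is_rejected(str(outside), allow_list),
            "traversal_rejected": is_rejected(str(allowed / ".." / "outside"), allow_list),
            "symlink_escape_rejected": is_rejected(str(escape), allow_list),
            "nonexistent_rejected": is_rejected(str(allowed / "new-repo"), allow_list),
            "lookalike_prefix_rejected": is_rejected(str(lookalike), allow_list),
        }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {ok}")
```

The check deliberately refuses paths that do not yet exist; that is the property the advisory's remediation relies on (operations only against existing repositories), and it is why a "create a repository here" tool cannot coexist with it without a separate, explicitly configured allow-list of creation roots. The symlink and `..` cases show why the containment test must run on the resolved path rather than on the string the client sent.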
Affected Version(s)
servers < 2025.9.25
CVSS v4
Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: Unknown
