CVE-2025-53107: @cyanheads/git-mcp-server is an MCP server designed to interact with Git repositories. Prior to version 2.1.5, there is
Summary
The @cyanheads/git-mcp-server (an MCP server, or a tool that lets AI systems interact with Git repositories) has a command injection vulnerability (a flaw where attackers can sneak extra system commands into input) in versions before 2.1.5. Because the server doesn't check user input before running system commands, attackers can execute arbitrary code on the server, or trick an AI client into running unwanted actions through indirect prompt injection (hiding malicious instructions in data the AI reads).
Solution / Mitigation
Update to version 2.1.5, where this issue has been patched.
Vulnerability Details
7.5(high)
EPSS: 0.0%
Classification
Affected Vendors
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-53107
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 85%