Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some cases, lead to RCE.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

Three security vulnerabilities were discovered in Anthropic's mcp-server-git, an official Model Context Protocol server for Git operations. The flaws include path traversal and argument injection issues that can be exploited through prompt injection attacks, allowing attackers to read or delete arbitrary files and potentially execute remote code. The vulnerabilities (CVE-2025-68143, CVE-2025-68144, CVE-2025-68145) have been patched in versions 2025.9.25 and 2025.12.18. Attackers could chain these vulnerabilities with the Filesystem MCP server to write malicious Git configuration files and achieve code execution without direct system access.

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution