Anthropic's official Git MCP server had some worrying security flaws - this is what happened next
techradar.com
- Anthropic patched Git MCP flaws enabling remote code execution via tool chaining
- Cyata discovered CVEs; fixed in version 2025.12.18, no exploitation reported yet
- Claude previously manipulated in cyber espionage campaign targeting major global organizations
Anthropic, the company behind the popular AI model Claude has fixed multiple bugs in its Git MCP server which, researchers claim, can be chained with other MCP tools to enable remote code execution (RCE) or file tampering through prompt injection.
The Git MCP server is Anthropic’s Model Context Protocol service that lets AI tools read and interact with Git repositories. It’s important because it allows the AI to understand real codebases, or answer coding questions without unsafe or unrestricted access.
The bugs were found by Agentic AI security startup Cyata, and are as follows:
Copyright of this story solely belongs to techradar.com . To see the full text click HERE