Unknown · Git-Mcp-Server · CVE-2026-27735
**Name of the Vulnerable Software and Affected Versions**
mcp-server-git versions prior to 2026.1.14
**Description**
The Model Context Protocol Servers software contains an issue where the `git add` tool does not properly validate file paths provided in the `files` argument. This allows relative paths containing `../` sequences that resolve outside the repository boundaries to be accepted and staged into the Git index. This could potentially allow sensitive files to be exfiltrated through subsequent commit and push operations. The tool utilizes GitPython's `repo.index.add()` which does not enforce working-tree boundary checks. The fix involves switching to `repo.git.add()`, which delegates to the Git CLI and enforces these checks.
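The working-tree boundary check that the description says `repo.index.add()` does not enforce can be sketched with `pathlib` alone. This is an added example, not code from mcp-server-git or its fix (which, per the description, delegates to `repo.git.add()`); `validate_add_paths`, `PathOutsideRepoError`, `demo` and the temporary directory layout are hypothetical and constructed for illustration.

```python
import tempfile
from pathlib import Path


class PathOutsideRepoError(ValueError):
    """Raised when a requested path resolves outside the working tree."""


def validate_add_paths(repo_root, files):
    """Return repo-relative POSIX paths, or raise if any entry escapes repo_root."""
    root = Path(repo_root).resolve()
    checked = []
    for name in files:
        # Joining then resolving collapses ../ sequences and follows symlinks;
        # an absolute `name` replaces root entirely and is caught below.
        candidate = (root / name).resolve()
        if candidate != root and root not in candidate.parents:
            raise PathOutsideRepoError(f"{name!r} resolves outside {root}")
        checked.append(candidate.relative_to(root).as_posix())
    return checked


def demo():
    """Run the check over a constructed layout: <tmp>/repo plus a file beside it."""
    accepted, rejected = [], []
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repo"
        (repo / "src").mkdir(parents=True)
        (repo / "src" / "app.py").write_text("print('hi')\n")
        (Path(tmp) / "secret.env").write_text("TOKEN=constructed-sample\n")
        requests = [
            "src/app.py",                   # ordinary file
            "src/../src/app.py",            # ../ that stays inside the tree
            "../secret.env",                # ../ that leaves the tree
            "src/../../secret.env",         # same escape, nested
            str(Path(tmp) / "secret.env"),  # absolute path outside the tree
        ]
        for req in requests:
            try:
                accepted.extend(validate_add_paths(repo, [req]))
            except PathOutsideRepoError:
                rejected.append(req)
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = demo()
    print("accepted:", ok)
    print("rejected:", bad)
```

A check like this is defence in depth for callers that build a `files` list from untrusted input; it does not replace upgrading to the fixed version.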
**Recommendations**
Upgrade to mcp-server-git version 2026.1.14 or newer.