PT-2026-22055 · Unknown · Git-Mcp-Server

0Dd-Gfor · Published 2026-02-25 · Updated 2026-05-07 · CVE-2026-27735

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: mcp-server-git versions prior to 2026.1.14

Description: The git add tool in the Model Context Protocol Servers software does not properly validate file paths provided in the files argument. Relative paths containing ../ sequences that resolve outside the repository boundaries are accepted and staged into the Git index, which could allow sensitive files to be exfiltrated through subsequent commit and push operations. The tool uses GitPython's repo.index.add(), which does not enforce working-tree boundary checks. The fix switches to repo.git.add(), which delegates to the Git CLI and enforces these checks.

Recommendations: Upgrade to mcp-server-git version 2026.1.14 or newer.
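The boundary check that the description says is missing can be sketched with the standard library alone. This is an added example, not the project's patch (which switches to repo.git.add()); the function name split_by_boundary and the temporary directory layout are constructed for illustration.

```python
import tempfile
from pathlib import Path


def split_by_boundary(repo_root, files):
    """Partition `files` into (inside, escaping) relative to repo_root.

    Each entry is resolved the way the OS would resolve it when the file is
    opened: relative paths are joined to the repository root, then `..`
    segments and symlinks are collapsed before the containment test.
    A symlink that points outside the work tree is therefore rejected too.
    """
    root = Path(repo_root).resolve()
    inside, escaping = [], []
    for name in files:
        # An absolute `name` replaces `root` in the join, so it is tested as-is.
        target = (root / name).resolve()
        if target == root or root in target.parents:
            inside.append(name)
        else:
            escaping.append(name)
    return inside, escaping


def demo():
    # Constructed layout: <tmp>/repo is the work tree, <tmp>/secret.txt sits beside it.
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repo"
        (repo / "src").mkdir(parents=True)
        (repo / "src" / "app.py").write_text("print('hi')\n")
        secret = Path(tmp) / "secret.txt"
        secret.write_text("constructed secret\n")
        requested = [
            "src/app.py",            # ordinary path inside the work tree
            "src/../src/app.py",     # contains ../ but still resolves inside
            "../secret.txt",         # climbs out of the work tree
            "src/../../secret.txt",  # same escape, hidden behind a subdirectory
            str(secret),             # absolute path outside the repository
        ]
        return split_by_boundary(repo, requested)


if __name__ == "__main__":
    ok, rejected = demo()
    print("stage: ", ok)
    print("reject:", rejected)
```

The test is on the resolved location, not on the presence of ../ in the string, so src/../src/app.py is still allowed while src/../../secret.txt is not.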

Exploit · Fix · Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-27735
GHSA-VJQX-CFC4-9H6V

Affected Products

Git-Mcp-Server