CVE-2025-53107: 
JavaScript vulnerability analysis and mitigation

A command injection vulnerability (CVE-2025-53107) was discovered in the @cyanheads/git-mcp-server package affecting versions up to 2.1.4. The vulnerability exists due to unsanitized use of input parameters within child_process.exec calls, allowing attackers to inject arbitrary system commands. The issue was discovered and reported by researcher @dellalibera and was patched in version 2.1.5 released on June 29, 2025 (GitHub Advisory).

The vulnerability stems from the improper handling of user input in several git operation tools (gitadd, gitinit, gitlogs, etc.) where input parameters are directly concatenated into shell commands executed via childprocess.exec. This allows for shell metacharacter injection using characters like |, >, &&. The vulnerability can be exploited through both direct command injection and indirect prompt injection via git logs. The issue has been assigned a CVSS v3.1 score of 7.5 (High) with vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H (GitHub Advisory).

Successful exploitation of this vulnerability can lead to remote code execution under the server process's privileges. An attacker could execute arbitrary system commands, potentially compromising the integrity, confidentiality, and availability of the affected system (GitHub Advisory).

The vulnerability has been patched in version 2.1.5 by replacing all instances of childprocess.exec with childprocess.execFile, which treats arguments as distinct values rather than executable script parts. Users are strongly advised to upgrade to version 2.1.5 or later. The fix ensures that user-provided input is treated as arguments rather than being executed as part of a shell command (GitHub Release).