Breaking Update
Israeli Cybersecurity Firm Uncovers Critical Flaws in Anthropic’s AI Git Server
Israeli cybersecurity firm Cyata disclosed critical flaws in Anthropic's AI Git server, enabling remote code execution through prompt injection before December.
Jerusalem, 20 January, 2026 (TPS-IL) — Tel Aviv-based cybersecurity firm Cyata has disclosed multiple security flaws in mcp-server-git, Anthropic’s official Git Model Context Protocol (MCP) server. The vulnerabilities, affecting versions prior to December 18, 2025, can be chained to enable remote code execution purely through prompt injection, without direct access to the target system.
Cyata cofounders Shahar Tal and Baruch Weizman warned that the flaws compromise trust boundaries in AI-assisted workflows and recommended immediate upgrades. The issues, reported to Anthropic in June 2025, were patched in December. The firm continues to lead research into AI agent security, highlighting risks in emerging agentic frameworks worldwide.
