Cybersecurity researchers have disclosed particulars of a important safety vulnerability impacting GitHub.com and GitHub Enterprise Server that might enable an authenticated person to acquire distant code execution with a single “git push” command.
The flaw, tracked as CVE-2026-3854 (CVSS rating: 8.7), is a case of command injection that might enable an attacker with push entry to a repository to realize distant code execution on the occasion.
“Throughout a git push operation, user-supplied push choice values weren’t correctly sanitized earlier than being included in inside service headers,” per a GitHub advisory for the vulnerability. “As a result of the inner header format used a delimiter character that might additionally seem in person enter, an attacker may inject further metadata fields by way of crafted push choice values.”
Google-owned cloud safety agency Wiz has been credited with discovering and reporting the problem on March 4, 2026, with GitHub validating and deploying a repair to GitHub.com inside two hours.
The vulnerability has additionally been addressed in GitHub Enterprise Server variations 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0, or later. There isn’t a proof that the problem was ever exploited in a malicious context.
In accordance with GitHub, the problem impacts GitHub.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Knowledge Residency, GitHub Enterprise Cloud with Enterprise Managed Customers, and GitHub Enterprise Server.
At its core, the issue stems from the truth that user-supplied git push choices will not be adequately sanitized earlier than the values have been included into the inner X-Stat header. As a result of the inner metadata format depends on a semicolon as a delimiter character that might additionally seem within the person enter, a foul actor may exploit this oversight to inject arbitrary instructions and have them executed.
“By chaining a number of injected values collectively, the researchers demonstrated that an attacker may override the surroundings the push was processed in, bypass sandboxing protections that usually constrain hook execution, and finally execute arbitrary instructions on the server,” GitHub’s Chief Info Safety Officer, Alexis Wales, mentioned.
Wiz, in a coordinated announcement, famous that the problem is “remarkably straightforward” to take advantage of, including that it permits distant code execution on shared storage nodes. About 88% of cases are presently susceptible to the problem on the time of public disclosure. The distant code execution chain strings collectively three injections –
- Inject a non-production rails_env worth to bypass the sandbox
- Inject custom_hooks_dir to manage to redirectthe hook listing
- Inject repo_pre_receive_hooks with a crafted hook entry that triggers path traversal to execute arbitrary instructions because the git person
“With unsandboxed code execution because the git person, we had full management over the GHES occasion, together with filesystem learn/write entry and visibility into inside service configuration,” Wiz safety researcher Sagi Tzadik mentioned.
As for GitHub.com, an enterprise mode flag – that is set to “true” for GitHub Enterprise Server – defaults to “false,” rendering the customized hooks path inactive. However since this flag can be handed within the X-Stat header, it is equally injectable utilizing the identical mechanism, thereby leading to code execution on GitHub.com as nicely.
To make issues worse, given GitHub’s multi-tenant structure and its shared backend infrastructure, the corporate identified that getting code execution on GitHub.com enabled cross-tenant publicity, successfully permitting an attacker to learn thousands and thousands of repositories on the shared storage node, regardless of the group or person.
In mild of the severity of CVE-2026-3854, customers are suggested to use the replace instantly for optimum safety.
“A single git push command was sufficient to take advantage of a flaw in GitHub’s inside protocol and obtain code execution on backend infrastructure,” Wiz mentioned. “When a number of companies written in several languages go knowledge by way of a shared inside protocol, the assumptions every service makes about that knowledge develop into a important assault floor.”
“We encourage groups constructing multi-service architectures to audit how user-controlled enter flows by way of inside protocols – particularly the place security-critical configuration is derived from shared knowledge codecs.”
