Researchers Uncover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

April 29, 2026


Ravie Lakshmanan | Apr 28, 2026 | Vulnerability / Software Security

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command.

The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve remote code execution on the instance.

"During a git push operation, user-supplied push option values were not properly sanitized before being included in internal service headers," per a GitHub advisory for the vulnerability. "Because the internal header format used a delimiter character that could also appear in user input, an attacker could inject additional metadata fields via crafted push option values."

Google-owned cloud security firm Wiz has been credited with discovering and reporting the issue on March 4, 2026, with GitHub validating and deploying a fix to GitHub.com within two hours.

The vulnerability has also been addressed in GitHub Enterprise Server versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0, or later. There is no evidence that the issue was ever exploited in a malicious context.

According to GitHub, the issue affects GitHub.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise Managed Users, and GitHub Enterprise Server.

At its core, the problem stems from the fact that user-supplied git push options are not adequately sanitized before the values are incorporated into the internal X-Stat header. Because the internal metadata format relies on a semicolon as a delimiter character that could also appear in the user input, a bad actor could exploit this oversight to inject arbitrary commands and have them executed.

"By chaining multiple injected values together, the researchers demonstrated that an attacker could override the environment the push was processed in, bypass sandboxing protections that normally constrain hook execution, and ultimately execute arbitrary commands on the server," GitHub's Chief Information Security Officer, Alexis Wales, said.

Wiz, in a coordinated announcement, noted that the issue is "remarkably simple" to exploit, adding that it permits remote code execution on shared storage nodes. About 88% of instances were still vulnerable to the issue at the time of public disclosure. The remote code execution chain strings together three injections:

  • Inject a non-production rails_env value to bypass the sandbox
  • Inject custom_hooks_dir to redirect the hook directory
  • Inject repo_pre_receive_hooks with a crafted hook entry that triggers path traversal to execute arbitrary commands as the git user
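To make the delimiter problem behind the header injection and the three-step chain above concrete, here is an added example (not code from GitHub, Wiz or this article) modelling the bug class in Python: a naive builder joins trusted fields and a user push option with ";", a downstream parser splits on that same character, and a hardened builder rejects values that carry the delimiter. The X-Stat name, the semicolon and the field names rails_env, custom_hooks_dir and repo_pre_receive_hooks come from the article; the key=value layout, the enterprise_mode flag name and all helper names are assumptions.

```python
# Added example: toy model of delimiter injection in an internal metadata header.
# Assumed wire layout: "key=value;key=value" (the real X-Stat format is not published here).

DELIM = ";"

def parse_stat_header(value: str) -> dict:
    """Downstream service view: split 'k=v;k=v' into a dict; later keys overwrite earlier ones."""
    fields = {}
    for item in value.split(DELIM):
        if "=" in item:
            key, val = item.split("=", 1)
            fields[key] = val
    return fields

def build_stat_header_vulnerable(base: dict, push_option: str) -> str:
    """Naive builder: the user-controlled push option is concatenated unchanged."""
    parts = [f"{k}={v}" for k, v in base.items()]
    parts.append(f"push_option={push_option}")
    return DELIM.join(parts)

class UnsafePushOption(ValueError):
    """Raised when a push option could be read as a field boundary downstream."""

def build_stat_header_hardened(base: dict, push_option: str) -> str:
    """Reject (rather than pass through) any value containing delimiter or line-break characters.
    A structured encoding such as JSON for the whole header is the stronger long-term fix."""
    if any(ch in push_option for ch in (DELIM, "=", "\r", "\n")):
        raise UnsafePushOption("push option contains a metadata delimiter")
    return build_stat_header_vulnerable(base, push_option)

# Fields named in the article as security-relevant, plus the assumed enterprise mode flag name.
SENSITIVE = {"rails_env", "custom_hooks_dir", "repo_pre_receive_hooks", "enterprise_mode"}

def injected_fields(push_option: str, base: dict) -> set:
    """Audit helper: which sensitive fields would the downstream parser see changed by this option?"""
    parsed = parse_stat_header(build_stat_header_vulnerable(base, push_option))
    return {k for k in SENSITIVE if k in parsed and parsed[k] != base.get(k)}

# Constructed sample: what the trusted front-end service intends to send downstream.
BASE = {"rails_env": "production", "enterprise_mode": "false"}
```

Running injected_fields over recorded push option values is a cheap way to test whether any internal header builder in your own stack has the same property.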

"With unsandboxed code execution as the git user, we had full control over the GHES instance, including filesystem read/write access and visibility into internal service configuration," Wiz security researcher Sagi Tzadik said.

As for GitHub.com, an enterprise mode flag, which is set to "true" for GitHub Enterprise Server, defaults to "false," rendering the custom hooks path inactive. But since this flag is also passed in the X-Stat header, it is equally injectable using the same mechanism, thereby resulting in code execution on GitHub.com as well.

To make matters worse, given GitHub's multi-tenant architecture and its shared backend infrastructure, the company pointed out that getting code execution on GitHub.com enabled cross-tenant exposure, effectively allowing an attacker to read millions of repositories on the shared storage node, regardless of the organization or user.

In light of the severity of CVE-2026-3854, users are advised to apply the update immediately for optimal protection.

"A single git push command was enough to exploit a flaw in GitHub's internal protocol and achieve code execution on backend infrastructure," Wiz said. "When multiple services written in different languages pass data through a shared internal protocol, the assumptions each service makes about that data become a critical attack surface."

"We encourage teams building multi-service architectures to audit how user-controlled input flows through internal protocols, especially where security-critical configuration is derived from shared data formats."
