Researchers Uncover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable through Single Git Push

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to gain remote code execution with a single "git push" command.

The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve remote code execution on the instance.

"During a git push operation, user-supplied push option values were not properly sanitized before being included in internal service headers," per a GitHub advisory for the vulnerability. "Because the internal header format used a delimiter character that could also appear in user input, an attacker could inject additional metadata fields via crafted push option values."

Google-owned cloud security firm Wiz has been credited with discovering and reporting the issue on March 4, 2026, with GitHub validating and deploying a fix to GitHub.com within two hours.

The vulnerability has also been addressed in GitHub Enterprise Server versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0, or later. There is no evidence that the issue was ever exploited in a malicious context.


According to GitHub, the issue affects GitHub.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise Managed Users, and GitHub Enterprise Server.

At its core, the problem stems from the fact that user-supplied git push options are not adequately sanitized before the values are incorporated into the internal X-Stat header. Because the internal metadata format relies on a semicolon as a delimiter character that could also appear in the user input, a bad actor could exploit this oversight to inject arbitrary commands and have them executed.

"By chaining multiple injected values together, the researchers demonstrated that an attacker could override the environment the push was processed in, bypass sandboxing protections that normally constrain hook execution, and ultimately execute arbitrary commands on the server," GitHub's Chief Information Security Officer, Alexis Wales, said.

Wiz, in a coordinated announcement, noted that the issue is "remarkably simple" to exploit, adding that it allows remote code execution on shared storage nodes. About 88% of instances are currently vulnerable to the issue at the time of public disclosure. The remote code execution chain strings together three injections –

  • Inject a non-production rails_env value to bypass the sandbox
  • Inject custom_hooks_dir to redirect the hook directory
  • Inject repo_pre_receive_hooks with a crafted hook entry that triggers path traversal to execute arbitrary commands as the git user

"With unsandboxed code execution as the git user, we had full control over the GHES instance, including filesystem read/write access and visibility into internal service configuration," Wiz security researcher Sagi Tzadik said.

As for GitHub.com, an enterprise mode flag – which is set to "true" for GitHub Enterprise Server – defaults to "false," rendering the custom hooks path inactive. But since this flag is also passed in the X-Stat header, it is equally injectable using the same mechanism, thereby resulting in code execution on GitHub.com as well.

To make matters worse, given GitHub's multi-tenant architecture and its shared backend infrastructure, the company pointed out that gaining code execution on GitHub.com enabled cross-tenant exposure, effectively allowing an attacker to read millions of repositories on the shared storage node, regardless of the organization or user.

In light of the severity of CVE-2026-3854, users are advised to apply the update immediately for optimal protection.


"A single git push command was enough to exploit a flaw in GitHub's internal protocol and achieve code execution on backend infrastructure," Wiz said. "When multiple services written in different languages pass data through a shared internal protocol, the assumptions each service makes about that data become a critical attack surface."

"We encourage teams building multi-service architectures to audit how user-controlled input flows through internal protocols – especially where security-critical configuration is derived from shared data formats."
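As an added illustration of the delimiter problem described above and of the audit Wiz recommends (this is not GitHub's code; the header layout and field names are assumed stand-ins for the real X-Stat format), the following Python contrasts a serializer that joins fields with an unescaped semicolon against one that allowlists push option values, percent-encodes every value and keeps trusted fields from being shadowed, plus a check a consuming service could run on received headers:

```python
import re
from urllib.parse import quote, unquote

DELIM = ";"
# Allowlist for user-supplied push option values (an assumed policy, not GitHub's).
SAFE_VALUE = re.compile(r"[A-Za-z0-9 ._\-/@:]*")


def encode_naive(fields):
    """Vulnerable pattern: values are concatenated unescaped, so a ';' inside a
    user-supplied value is indistinguishable from a field separator."""
    return DELIM.join(f"{k}={v}" for k, v in fields.items())


def encode_hardened(trusted, user):
    """Reject user values outside the allowlist, forbid user keys that collide
    with trusted ones, percent-encode every value, and emit trusted fields last
    so they win even in a last-value-wins consumer."""
    out = {}
    for k, v in user.items():
        if k in trusted:
            raise ValueError(f"push option {k!r} shadows a trusted field")
        if not SAFE_VALUE.fullmatch(v):
            raise ValueError(f"push option {k!r} contains a disallowed character")
        out[k] = v
    out.update(trusted)
    return DELIM.join(f"{k}={quote(v, safe='')}" for k, v in out.items())


def parse_header(header):
    """Consumer side: split on the delimiter; a later duplicate key overrides."""
    fields = {}
    for item in header.split(DELIM):
        if "=" in item:
            k, v = item.split("=", 1)
            fields[k] = unquote(v)
    return fields


def audit_header(header, producer_keys):
    """Detection check: flag duplicate or unexpected keys in a received header,
    which a producer emitting one value per key would never generate."""
    seen, findings = set(), []
    for item in header.split(DELIM):
        k = item.split("=", 1)[0]
        if k in seen:
            findings.append(f"duplicate field {k!r}")
        elif k not in producer_keys:
            findings.append(f"unexpected field {k!r}")
        seen.add(k)
    return findings
```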
