A significant remote code execution (RCE) vulnerability, identified as CVE-2026-3854, was discovered in GitHub’s internal git systems. This flaw could have allowed authenticated users to compromise backend servers, potentially accessing millions of private repositories. In the case of GitHub Enterprise Server (GHES), this vulnerability could lead to complete server control.
Discovery and Technical Details
The vulnerability was uncovered by Wiz researchers using AI-enhanced reverse engineering techniques on closed-source binaries. The issue originated from incorrect handling of special elements in GitHub’s babeld git proxy, specifically in the processing of user-supplied push options. Arbitrary strings could be supplied via the git push -o command and were then incorporated into an internal header without sanitization.
This improper handling permitted attackers to inject new fields into the X-Stat header by using semicolons, which that header uses as its field delimiter. This opened the door to overriding critical fields such as rails_env, custom_hooks_dir, and repo_pre_receive_hooks through a single injection vector.
Exploitation and Impact
Exploitation involved chaining three injected fields, enabling a transition from sandbox execution to direct execution by altering the rails_env value, redirecting the hook directory, and executing an arbitrary binary using a crafted path traversal payload. This process required no privilege escalation or specialized tools, merely a standard git client.
On GitHub Enterprise Server, exploiting the flaw could lead to full server takeover, allowing access to all repositories and internal secrets. Although a mitigation was initially inactive on GitHub.com, researchers discovered that an enterprise_mode flag could be injected to enable the exploit chain, potentially affecting GitHub.com’s shared infrastructure.
Response and Mitigation
GitHub took swift action upon receiving the vulnerability report on March 4, 2026, validating and addressing the issue within six hours by deploying a fix to GitHub.com. No exploitation was observed prior to the disclosure. For GitHub Enterprise Server, patches have been released, and administrators are urged to update immediately to version 3.19.4 or higher.
At disclosure time, 88% of GHES instances were unpatched, highlighting the urgency for administrators to apply updates. Additionally, audits of /var/log/github-audit.log should be conducted to check for unusual special characters in push option values, indicating potential exploitation attempts.
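The audit described above, as an added example that is neither Wiz's nor GitHub's code: it scans push events for option values containing the X-Stat field delimiter (semicolon) or a path traversal sequence. The log layout is an assumption (one JSON object per line with a "push_options" list); the real /var/log/github-audit.log format may differ, so adapt parse_line() accordingly. The sample lines are constructed, not real audit data.

```python
"""Flag push option values carrying delimiter or traversal characters."""
import json
import re
from typing import Optional

# Characters the article identifies as dangerous: ';' splits X-Stat fields,
# '../' is the traversal primitive; NUL and CR/LF are included as a general
# header-injection precaution.
SUSPICIOUS = re.compile(r"[;\x00\r\n]|\.\./")

# Constructed sample lines in the assumed format (not real audit data).
SAMPLE_LOG = """\
{"action":"git.push","actor":"alice","repo":"org/app","push_options":["ci.skip"]}
{"action":"git.push","actor":"bob","repo":"org/app","push_options":["x;rails_env=production"]}
{"action":"git.push","actor":"carol","repo":"org/lib","push_options":["hooks=../../tmp/run"]}
{"action":"git.clone","actor":"dave","repo":"org/lib"}
"""


def parse_line(line: str) -> Optional[dict]:
    """Return the event dict, or None for blank or unparseable lines."""
    line = line.strip()
    if not line:
        return None
    try:
        return json.loads(line)
    except json.JSONDecodeError:
        return None


def suspicious_options(event: dict) -> list:
    """Push option values containing a delimiter or traversal sequence."""
    opts = event.get("push_options") or []
    return [o for o in opts if isinstance(o, str) and SUSPICIOUS.search(o)]


def scan(log_text: str) -> list:
    """Return (actor, repo, flagged options) for each suspicious push event."""
    hits = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if not ev or ev.get("action") != "git.push":
            continue
        flagged = suspicious_options(ev)
        if flagged:
            hits.append((ev.get("actor", "?"), ev.get("repo", "?"), flagged))
    return hits


if __name__ == "__main__":
    for actor, repo, opts in scan(SAMPLE_LOG):
        print(f"{actor} -> {repo}: {opts}")
```

A hit only shows that a push carried an unusual option value; correlate it with the pushing account and the target repository before treating it as an exploitation attempt.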
This incident underscores the growing role of AI in vulnerability research, marking a shift towards automated analysis of complex, multi-service architectures.
