Critical GitHub RCE Vulnerability (CVE-2026-3854) Exposed Millions of Private Repositories
Security researchers at Wiz uncovered a severe remote code execution (RCE) vulnerability in GitHub’s internal babeld git proxy, tracked as CVE-2026-3854, which could have allowed authenticated users to compromise backend servers, access millions of private repositories, and achieve full server takeover on GitHub Enterprise Server (GHES).
The flaw stemmed from improper sanitization of user-supplied push option values in GitHub’s closed-source infrastructure. When a user ran git push -o <value>, the arbitrary string was passed to the server and copied into an internal X-Stat header without filtering semicolons, the same delimiter the header uses to separate its key-value fields. A push option containing semicolons therefore injected extra fields into the header, letting an attacker override security-critical ones such as rails_env, custom_hooks_dir, and repo_pre_receive_hooks.
Exploitation required chaining three injected fields:
- Bypassing the sandbox by forcing unsandboxed execution via a non-production rails_env value.
- Redirecting hook directories by overriding custom_hooks_dir.
- Executing arbitrary binaries via path traversal in repo_pre_receive_hooks.
No privilege escalation or additional zero-day was needed, only a standard git client and an authenticated account. On GHES, this granted full server compromise, including read/write access to all repositories and internal secrets. On GitHub.com the custom hooks path was inactive by default, but the researchers found that an enterprise_mode flag could be injected the same way, enabling the identical attack chain on the shared infrastructure.
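The injection chain and the builder that would have blocked it, as an added toy model that is not GitHub's babeld code. It assumes that the X-Stat header is a ';'-separated list of key=value fields parsed last-wins, that any rails_env other than production runs hooks unsandboxed, and that the hook to execute is the hook name joined onto custom_hooks_dir; the server-side defaults, the hook name and the attacker payload are constructed for illustration.

```python
"""Toy model of the push-option header injection described above and a hardened builder.

Added illustration, not GitHub's babeld code. Assumed (the write-up implies but does
not spell out): the X-Stat header is a ';'-separated list of key=value fields parsed
last-wins, any rails_env other than "production" runs hooks unsandboxed, and the hook
to execute is the hook name joined onto custom_hooks_dir. Paths, hook names and the
attacker payload are constructed for illustration.
"""
from __future__ import annotations

import posixpath
from urllib.parse import quote, unquote

FIELD_SEP = ";"
SECURITY_FIELDS = ("rails_env", "custom_hooks_dir", "repo_pre_receive_hooks", "enterprise_mode")
TRUSTED_DEFAULTS = {                       # hypothetical server-side values
    "rails_env": "production",
    "custom_hooks_dir": "/data/user/git-hooks",
    "repo_pre_receive_hooks": "pre-receive.d",
}


class PushOptionError(ValueError):
    """Raised by the hardened builder for a push option it refuses to forward."""


def build_xstat_vulnerable(push_option: str) -> str:
    """The bug: the client-controlled value is copied verbatim, so every ';' inside it
    starts a new field that the parser treats like a server-set one."""
    fields = [f"{k}={v}" for k, v in TRUSTED_DEFAULTS.items()]
    fields.append(f"push_option={push_option}")
    return FIELD_SEP.join(fields)


def build_xstat_hardened(push_option: str) -> str:
    """Refuse control characters and percent-encode the value so ';' and '=' travel as
    data (%3B, %3D) and can never be read as field structure."""
    if any(c in push_option for c in "\r\n\0"):
        raise PushOptionError("control character in push option")
    fields = [f"{k}={v}" for k, v in TRUSTED_DEFAULTS.items()]
    fields.append(f"push_option={quote(push_option, safe='')}")
    return FIELD_SEP.join(fields)


def hardened_rejects(push_option: str) -> bool:
    """True if the hardened builder refuses this push option outright."""
    try:
        build_xstat_hardened(push_option)
    except PushOptionError:
        return True
    return False


def parse_xstat(header: str) -> dict[str, str]:
    """Last-wins key=value parse: a repeated key keeps the value that appears later,
    which is what lets an injected field override a server-set one."""
    parsed: dict[str, str] = {}
    for field in header.split(FIELD_SEP):
        key, sep, value = field.partition("=")
        if sep:
            parsed[key] = unquote(value)
    return parsed


def effective_config(parsed: dict[str, str]) -> dict[str, object]:
    """What the backend would act on: sandbox state and the resolved hook path, plus
    the invariant a defender wants (the hook resolves inside the trusted hooks dir)."""
    trusted_dir = TRUSTED_DEFAULTS["custom_hooks_dir"]
    hook = posixpath.normpath(
        posixpath.join(parsed["custom_hooks_dir"], parsed["repo_pre_receive_hooks"])
    )
    return {
        "sandboxed": parsed["rails_env"] == "production",
        "hook_path": hook,
        "hook_inside_trusted_dir": hook.startswith(trusted_dir + "/"),
    }


def suspicious_push_options(options: list[str]) -> list[str]:
    """Defender-side triage over push option values recovered from logs: flag any that
    carry the field delimiter or try to set a security-critical field directly."""
    return [
        o for o in options
        if FIELD_SEP in o or any(o.startswith(f + "=") for f in SECURITY_FIELDS)
    ]


# Constructed payload chaining the three overrides from the write-up: unsandboxed
# rails_env, redirected hooks dir, and a traversing hook name.
CHAINED_PAYLOAD = (
    "x;rails_env=development;custom_hooks_dir=/tmp/attacker;repo_pre_receive_hooks=../evil"
)


if __name__ == "__main__":
    for label, builder in (("vulnerable", build_xstat_vulnerable), ("hardened", build_xstat_hardened)):
        cfg = effective_config(parse_xstat(builder(CHAINED_PAYLOAD)))
        print(f"{label:10s} sandboxed={cfg['sandboxed']} hook={cfg['hook_path']} "
              f"inside_trusted_dir={cfg['hook_inside_trusted_dir']}")
    print("flagged:", suspicious_push_options(["ci.skip=true", CHAINED_PAYLOAD]))
```

The hardened builder encodes rather than strips the delimiter so a legitimate push option that happens to contain a semicolon still reaches the backend intact as data; a real fix should additionally validate on the parse side (for example, refuse to accept rails_env or hook paths from any field that follows the client-controlled one) so that a single missed escape in the producer cannot reopen the chain.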
Wiz confirmed that successful exploitation on GitHub.com’s storage nodes could expose millions of repositories across tenants, though they only tested with their own accounts. The vulnerability was notable as one of the first critical flaws in closed-source binaries discovered using AI-augmented reverse engineering, leveraging tools like IDA MCP to rapidly analyze GitHub’s internal protocols.
GitHub received the report on March 4, 2026, validated it within hours, and deployed a fix to GitHub.com by 7:00 p.m. UTC the same day. Forensic analysis confirmed no prior exploitation. Patches for GHES were released for versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, and 3.19.4+, though 88% of instances remained unpatched at disclosure. Administrators were advised to check /var/log/github-audit.log for suspicious push operations. GitHub Enterprise Cloud and GitHub.com users required no action.
Source: https://cybersecuritynews.com/github-com-and-enterprise-server-rce/
GitHub cybersecurity rating report: https://www.rankiteo.com/company/github
"id": "GIT1777400871",
"linkid": "github",
"type": "Vulnerability",
"date": "3/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{
  "affected_entities": [
    {
      "customers_affected": "Millions of users and organizations using GitHub.com and GitHub Enterprise Server",
      "industry": "Software Development, Cloud Services",
      "location": "Global",
      "name": "GitHub",
      "size": "Large (Microsoft subsidiary)",
      "type": "Technology/Software"
    }
  ],
  "attack_vector": "Git push options (git push -o)",
  "customer_advisories": "GitHub.com users required no action; GHES users urged to patch immediately",
  "data_breach": {
    "personally_identifiable_information": "Potential (if repositories contained PII)",
    "sensitivity_of_data": "High (proprietary code, credentials, PII if stored in repositories)",
    "type_of_data_compromised": "Private repositories, internal secrets, source code"
  },
  "date_detected": "2026-03-04",
  "date_resolved": "2026-03-04T19:00:00Z",
  "description": "Security researchers at Wiz uncovered a severe remote code execution (RCE) vulnerability in GitHub’s internal *babeld* git proxy, tracked as CVE-2026-3854, which could have allowed authenticated users to compromise backend servers, access millions of private repositories, and achieve full server takeover on GitHub Enterprise Server (GHES). The flaw stemmed from improper sanitization of user-supplied push option values in GitHub’s closed-source infrastructure, enabling arbitrary code execution via malicious header injection.",
  "impact": {
    "brand_reputation_impact": "High (critical vulnerability in widely used platform)",
    "data_compromised": "Millions of private repositories potentially exposed",
    "operational_impact": "Full server compromise on GHES, potential unauthorized access to repositories and internal secrets",
    "systems_affected": "GitHub Enterprise Server (GHES), GitHub.com backend storage nodes"
  },
  "investigation_status": "Completed (no prior exploitation detected)",
  "lessons_learned": "Critical vulnerabilities can exist in closed-source components, requiring advanced reverse engineering techniques. AI-augmented tools can accelerate vulnerability discovery. Rapid patching and forensic analysis are essential to prevent exploitation.",
  "post_incident_analysis": {
    "corrective_actions": "Fixed input sanitization, patched vulnerable GHES versions, enhanced logging for suspicious activities",
    "root_causes": "Improper sanitization of user-supplied push option values in GitHub’s *babeld* git proxy, leading to header injection and arbitrary code execution"
  },
  "recommendations": [
    "Patch GHES instances immediately to the latest version",
    "Monitor audit logs for suspicious git push operations",
    "Review repository access controls and secrets management",
    "Adopt AI-augmented security tools for vulnerability research",
    "Ensure timely patch management for critical infrastructure"
  ],
  "references": [{"source": "Wiz Research"}],
  "response": {
    "communication_strategy": "Public disclosure post-patch, advisories for GHES administrators",
    "containment_measures": "Immediate patch deployment to GitHub.com, forensic analysis to confirm no prior exploitation",
    "enhanced_monitoring": "Forensic analysis of logs to detect exploitation attempts",
    "incident_response_plan_activated": true,
    "recovery_measures": "Administrators advised to check audit logs for suspicious push operations",
    "remediation_measures": "Patches released for GHES versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, and 3.19.4+",
    "third_party_assistance": "Wiz (security researchers)"
  },
  "stakeholder_advisories": "GHES administrators advised to apply patches and review logs",
  "title": "Critical GitHub RCE Vulnerability (CVE-2026-3854) Exposed Millions of Private Repositories",
  "type": "Remote Code Execution (RCE)",
  "vulnerability_exploited": "CVE-2026-3854"
}