
CVE-2026-3854: Critical GitHub Remote Code Execution Vulnerability Discovered

  • 8 hours ago
  • 2 min read

Key Findings


  • Critical vulnerability CVE-2026-3854 allows remote code execution on GitHub through a single git push command

  • Affects GitHub Enterprise Cloud, GitHub Enterprise Server, and related variants

  • Command injection flaw exploitable by any user with repository push access

  • Vulnerability chain enables attackers to bypass sandbox protections and execute arbitrary commands as the git service user

  • Wiz researchers discovered the flaw on March 4, 2026; GitHub patched within two hours

  • 88% of GitHub Enterprise Server instances remained vulnerable at time of reporting

  • No evidence of real-world exploitation beyond researcher testing; no customer data compromised


Background


GitHub's internal architecture relies on multiple services exchanging metadata during git operations. When code is pushed to a repository, these services communicate to coordinate the push operation and trigger necessary hooks and processes. The vulnerability stems from how this internal communication protocol handles user-supplied data, specifically git push options that users can customize during their commits.


The Vulnerability Details


The flaw is rooted in improper sanitization of user-supplied push option values before they're embedded into internal service headers. The internal header format uses delimiter characters to separate fields, but these same delimiters can appear in user input. An attacker with push access could craft malicious push option values containing these delimiter characters to inject additional metadata fields. Downstream services would then treat this injected data as legitimate, trusted information rather than user-controlled input.
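To make the pattern concrete, here is an added illustration, not GitHub's code: the header format (key=value fields joined by `;`), the `push_option.` namespace and the roles of the `rails_env` and `hook_dir` fields are assumptions. It contrasts a naive encoder that embeds push options verbatim, a parser whose "last write wins" behaviour lets an injected duplicate override a trusted field, and a hardened encoder/parser pair that percent-encodes user values and fails closed on duplicate keys.

```python
from urllib.parse import quote, unquote

# Constructed, simplified metadata header for illustration only: key=value
# fields joined by ';'. GitHub's real internal format is not on the page.
FIELD_SEP = ";"
KV_SEP = "="
USER_PREFIX = "push_option."  # assumed namespace for user-controlled fields

def build_header_naive(trusted: dict, push_options: list) -> str:
    """Vulnerable pattern: push options embedded verbatim, so a value that
    contains FIELD_SEP smuggles extra fields into the trusted header."""
    fields = [f"{k}{KV_SEP}{v}" for k, v in trusted.items()]
    fields += [f"{USER_PREFIX}{i}{KV_SEP}{o}" for i, o in enumerate(push_options)]
    return FIELD_SEP.join(fields)

def build_header_hardened(trusted: dict, push_options: list) -> str:
    """Fixed pattern: percent-encode user values with no safe characters, so
    ';' and '=' never reach the wire unescaped; trusted values are checked too."""
    if any(FIELD_SEP in v or KV_SEP in v for v in trusted.values()):
        raise ValueError("trusted value contains a delimiter")
    fields = [f"{k}{KV_SEP}{v}" for k, v in trusted.items()]
    fields += [f"{USER_PREFIX}{i}{KV_SEP}{quote(o, safe='')}"
               for i, o in enumerate(push_options)]
    return FIELD_SEP.join(fields)

def duplicate_fields(header: str) -> list:
    """Detection aid: keys seen more than once. A trusted key occurring twice
    is a strong signal of delimiter injection and worth logging."""
    seen, dupes = set(), []
    for field in header.split(FIELD_SEP):
        key = field.partition(KV_SEP)[0]
        if key in seen and key not in dupes:
            dupes.append(key)
        seen.add(key)
    return dupes

def parse_header(header: str, strict: bool = False) -> dict:
    """Downstream parser. strict=False mirrors the vulnerable 'last write wins'
    behaviour; strict=True fails closed on duplicate keys. User-namespace
    values are percent-decoded (a no-op for the naive builder's raw text)."""
    dupes = duplicate_fields(header)
    if strict and dupes:
        raise ValueError(f"duplicate fields, possible injection: {dupes}")
    fields = {}
    for field in header.split(FIELD_SEP):
        key, _, value = field.partition(KV_SEP)
        fields[key] = unquote(value) if key.startswith(USER_PREFIX) else value
    return fields
```

Feeding the same constructed push option through both builders shows the difference: the naive header yields a duplicate `rails_env` that the lenient parser silently accepts, while the hardened header keeps the trusted value and round-trips the user's option intact.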


Exploitation Chain


The vulnerability enables a multi-step exploitation process. By injecting crafted fields through push options, attackers can alter execution environments and bypass sandbox protections. The critical step involves manipulating the rails_env value, which forces hooks to run in unsafe mode. Attackers then redirect the hook directory and use path traversal techniques to execute arbitrary files. This chain results in commands running with the privileges of the git service user, granting full system control including filesystem access and internal configuration data.


Impact Scope


On GitHub.com, the vulnerability could be weaponized through an enterprise-mode flag injection to enable code execution even though custom hooks are normally disabled. GitHub's multi-tenant architecture means compromised access could potentially expose millions of repositories stored on shared infrastructure nodes. For GitHub Enterprise Server customers, successful exploitation leads to complete system compromise, including access to all repositories and sensitive internal data stored on that instance.


Response and Patches


GitHub addressed the issue by implementing proper input sanitization and releasing patches for Enterprise Server versions 3.14.24, 3.15.19, 3.16.15, 3.17.12, 3.18.6, and 3.19.3. The rapid response reflects well on GitHub's incident handling, but the high proportion of unpatched Enterprise Server instances prompted urgent guidance for customers to apply the patches immediately.


Broader Security Implications


This vulnerability highlights a critical security pattern affecting complex systems: when multiple services written in different languages communicate through shared internal protocols, dangerous assumptions can develop about whether data is trustworthy. Wiz researchers' use of AI-assisted analysis to find the flaw in closed-source code points to evolving vulnerability research methods. The incident underscores the importance of rigorous input validation and sanitization, especially where user-controlled data crosses trust boundaries between internal services.


Sources


  • https://securityaffairs.com/191434/security/cve-2026-3854-github-flaw-enables-remote-code-execution.html

  • https://thehackernews.com/2026/04/researchers-discover-critical-github.html

  • https://x.com/securityaffairs/status/2049227155565838790

  • https://www.reddit.com/r/SecOpsDaily/comments/1sycngh/researchers_discover_critical_github_cve20263854/

© 2025 by Explain IT Again. Powered and secured by Wix