On March 4, 2026, GitHub's security team faced a race against time. A critical remote code execution vulnerability had been reported through the company's Bug Bounty program, threatening not only github.com but also all flavors of GitHub Enterprise—Cloud, Cloud with Data Residency, Cloud with Enterprise Managed Users, and Enterprise Server. Within two hours, the team validated the finding, deployed a fix to github.com, and launched a forensic investigation that confirmed no exploitation had occurred. This article details how the vulnerability worked, how GitHub responded, and what measures are being taken to prevent similar incidents in the future.
Discovery of a Critical Vulnerability
The report came from researchers at Wiz, a cybersecurity firm specializing in cloud infrastructure. They described a way for any user with push access to a repository—including a repository of their own creation—to achieve arbitrary command execution on the GitHub server handling their git push operation.
The Bug Bounty Report
Upon receiving the report, GitHub's security team immediately began validation. Within 40 minutes, they had reproduced the vulnerability internally and confirmed its severity. This was a critical issue that required immediate action. The attack itself was deceptively simple: a single command—git push with a crafted push option that leveraged an unsanitized character—could set off a chain of events leading to remote code execution.
Anatomy of the Exploit
When a user pushes code to GitHub, the operation passes through multiple internal services. As part of this process, metadata about the push—such as the repository type and the environment it should be processed in—is passed between services using an internal protocol. The vulnerability leveraged how user-supplied git push options were handled within this metadata.
The Role of Unsanitized Input
Push options are an intentional feature of git that allow clients to send key-value strings to the server during a push. However, the values provided by the user were incorporated into the internal metadata without sufficient sanitization. Because the internal metadata format used a delimiter character that could also appear in user input, an attacker could inject additional fields that the downstream service would interpret as trusted internal values.
Chaining Injected Values
By chaining several injected values together, the researchers demonstrated that an attacker could override the environment the push was processed in, bypass sandboxing protections that normally constrain hook execution, and ultimately execute arbitrary commands on the server. This effectively gave an attacker full control over the server handling the push operation.
Rapid Response and Mitigation
With the root cause identified on March 4, 2026, at 5:45 p.m. UTC, GitHub's engineering team developed and deployed a fix to github.com at 7:00 p.m. UTC that same day. The fix ensures that user-supplied push option values are properly sanitized and can no longer influence internal metadata fields.
Patches for GitHub Enterprise Server
For GitHub Enterprise Server (GHES), GitHub prepared patches across all supported releases—versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.7, 3.19.4, 3.20.0, or later. The vulnerability has been assigned CVE-2026-3854. These patches are available now, and GitHub strongly recommends that all GHES customers upgrade immediately to protect their environments.
Lessons for the Future
This incident underscores the importance of rigorous input validation, especially when user-supplied data is passed through internal protocols. GitHub has implemented additional security measures to detect and prevent similar injection vulnerabilities, including enhanced fuzzing of the git push pipeline and stricter validation of metadata fields. The response also highlights the value of the Bug Bounty program in catching critical issues before they can be exploited.
GitHub's forensic investigation concluded that there was no evidence of exploitation before the fix was deployed. The company continues to work with the security community to identify and address potential weaknesses, ensuring that the platform remains secure for all users.