Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Summary
CVE-2026-3854 is a critical command injection vulnerability affecting GitHub.com and GitHub Enterprise Server that allows authenticated users with push access to achieve remote code execution (RCE) via a single git push command. The flaw enables attackers to bypass sandboxing and execute arbitrary commands, potentially leading to cross-tenant data exposure on shared infrastructure.
Key Points
- CVE Identifier: CVE-2026-3854 (CVSS score: 8.7).
- Affected Platforms: GitHub.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise Managed Users, and GitHub Enterprise Server.
- Patched GitHub Enterprise Server Versions: 3.14.22, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0, or later.
- Exploit Vector: A single git push command utilizing crafted push option values.
- Exploit Capability: Remote code execution on shared storage nodes and full control over GitHub Enterprise Server instances, including filesystem read/write access.
- Exploitation Status: No evidence of malicious exploitation has been identified.
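Added example (not part of the original write-up, and not GitHub tooling): a small check that compares a GitHub Enterprise Server version string against the patched releases listed above. The mapping of release lines to fixed patch levels is taken from the key points; the assumed banner format fed to `version_from_banner` and the handling of lines newer than 3.20 (treated as carrying the fix, per "3.20.0, or later") are assumptions of this example.

```python
"""
Added example: decide whether a GHES version is at or after the fix for
CVE-2026-3854. The PATCHED table mirrors the advisory's list; everything
else (banner parsing, handling of unlisted lines) is an assumption.
"""
import re

# Release line -> first patch level that contains the fix (from the advisory).
PATCHED = {
    "3.14": 22, "3.15": 20, "3.16": 16,
    "3.17": 13, "3.18": 8, "3.19": 4, "3.20": 0,
}
NEWEST_LISTED = (3, 20)

def parse_version(version):
    """Split 'MAJOR.MINOR.PATCH' into ints; reject anything else."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GHES version: {version!r}")
    return tuple(int(p) for p in parts)

def is_patched(version):
    """True if this version is at/after the fixed release of its line.
    Lines older than 3.14 have no fixed release in the list, so they are
    reported as unpatched; lines newer than 3.20 are assumed (here) to
    carry the fix."""
    major, minor, patch = parse_version(version)
    line = f"{major}.{minor}"
    if line in PATCHED:
        return patch >= PATCHED[line]
    return (major, minor) > NEWEST_LISTED

def version_from_banner(text):
    """Pull the first dotted triple out of a version banner such as
    'GitHub Enterprise Server 3.17.12' (constructed sample; assumed format)."""
    match = re.search(r"\b(\d+\.\d+\.\d+)\b", text)
    if not match:
        raise ValueError("no version found in banner")
    return match.group(1)

if __name__ == "__main__":
    # Constructed sample banner, not real output from any host.
    banner = "GitHub Enterprise Server 3.17.12"
    ver = version_from_banner(banner)
    print(ver, "patched" if is_patched(ver) else "NOT patched")
```

Run it against the version string reported by each appliance; any result of "NOT patched" means the instance is still in the affected range.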
Technical Details
The vulnerability originates from improper sanitization of user-supplied git push option values before they are concatenated into the internal X-Stat service header. The X-Stat header uses a semicolon (;) as its field delimiter; because this character is not rejected from user-supplied push options, an attacker can terminate the push-option field early and append additional metadata fields of their own choosing to the header.
The remote code execution chain consists of three specific injection steps:
1. Sandbox Bypass: Injecting a non-production rails_env value to bypass the execution sandbox.
2. Directory Redirection: Injecting a custom_hooks_dir value to redirect the hook directory.
3. Command Execution: Injecting repo_pre_receive_hooks with a crafted entry that utilizes path traversal to execute arbitrary commands as the git user.
On GitHub.com, the vulnerability can be used to manipulate the enterprise mode flag (which defaults to false) by injecting it into the X-Stat header. Setting this flag to true activates the custom hooks path, enabling the execution chain. In multi-tenant environments, this allows for cross-tenant exposure, granting an attacker the ability to read repositories belonging to other organizations hosted on the same shared storage node.
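Added illustration (not GitHub's code, and not a reproduction of the exploit): how a semicolon-delimited metadata header can be corrupted by a push option that contains the delimiter, and one way to harden it. Only the delimiter and the three injected key names (rails_env, custom_hooks_dir, repo_pre_receive_hooks) come from the description above; the header layout, the default field values, the injected values, the function names and the percent-encoding fix are assumptions made for this example.

```python
"""
Added example: a ';'-delimited service header built from user-supplied
push options. The vulnerable builder splices raw values in; the hardened
builder percent-encodes every value so a delimiter can never be injected.
Field names, defaults and the crafted values below are constructed.
"""
from urllib.parse import quote, unquote

# Hypothetical defaults the service starts from; a later duplicate key
# in the header wins, which is what makes the injected override effective.
DEFAULTS = {"rails_env": "production", "enterprise": "false"}

# Constructed attacker push option: a legitimate-looking value followed by
# injected fields (values are placeholders, not a working payload).
CRAFTED_OPTION = (
    "deploy=staging;rails_env=nonprod;"
    "custom_hooks_dir=/tmp/attacker-hooks;repo_pre_receive_hooks=placeholder"
)

def build_header_vulnerable(push_options):
    # VULNERABLE: raw concatenation. A ';' inside a push option ends the
    # push_options field and everything after it becomes new key=value pairs.
    fields = dict(DEFAULTS)
    fields["push_options"] = ",".join(push_options)
    return ";".join(f"{k}={v}" for k, v in fields.items())

def parse_header(header):
    # Consumer side: split on ';', first '=' separates key from value.
    parsed = {}
    for field in header.split(";"):
        if "=" in field:
            key, value = field.split("=", 1)
            parsed[key] = value
    return parsed

def build_header_hardened(push_options):
    # HARDENED: every value is percent-encoded with no safe characters,
    # so ';' and '=' can only appear as %3B and %3D and never act as syntax.
    fields = dict(DEFAULTS)
    fields["push_options"] = ",".join(push_options)
    return ";".join(f"{k}={quote(v, safe='')}" for k, v in fields.items())

def parse_header_hardened(header):
    # Matching decoder: the original bytes are recovered, but only after
    # the header has already been split on the real delimiters.
    parsed = {}
    for field in header.split(";"):
        key, value = field.split("=", 1)
        parsed[key] = unquote(value)
    return parsed

def suspicious_push_options(push_options):
    # Defensive check for the receiving side: a push option carrying the
    # header delimiter has no legitimate reason to exist and can be rejected.
    return [opt for opt in push_options if ";" in opt]

if __name__ == "__main__":
    bad = parse_header(build_header_vulnerable([CRAFTED_OPTION]))
    good = parse_header_hardened(build_header_hardened([CRAFTED_OPTION]))
    print("vulnerable rails_env:", bad["rails_env"])      # nonprod (overridden)
    print("hardened rails_env: ", good["rails_env"])      # production
    print("flagged options:", suspicious_push_options([CRAFTED_OPTION, "ci.skip"]))
```

The vulnerable path ends with rails_env overridden and custom_hooks_dir and repo_pre_receive_hooks present as first-class fields, which is the shape of the three-step chain described above; the hardened path keeps the whole crafted string inside push_options and leaves the defaults intact. Rejecting delimiter characters outright, as `suspicious_push_options` does, is the simpler fix where push options have no legitimate need for them.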
Impact / Why It Matters
This vulnerability presents a severe risk to both cloud and self-hosted users, as successful exploitation can lead to full server compromise and unauthorized access to private repositories across shared infrastructure. All GitHub Enterprise Server administrators must apply the identified security updates immediately to prevent unauthorized command execution and data exposure.