Critical GitHub RCE Flaw Exposed Millions of Repos – Patch Now Urged

Critical RCE flaw in GitHub exposed millions of repos. Patched but 88% of Enterprise Server instances remain vulnerable. Urgent patching advised.

Sflintl · 2026-05-03 09:41:38 · Cybersecurity

A critical remote code execution (RCE) vulnerability in GitHub could have allowed attackers to run arbitrary code on GitHub.com and GitHub Enterprise Server, exposing millions of public and private repositories. The flaw, tracked as CVE-2026-3854, was discovered by researchers at Wiz and patched by GitHub within hours, but at the time of public disclosure 88% of Enterprise Server instances remained unpatched.

What Happened

The vulnerability lay in how GitHub handles server-side git push operations. By embedding malicious input in an otherwise normal Git push, an authenticated user could execute arbitrary commands through GitHub’s backend Git processing pipeline. The affected component is an internal service called X-STAT, which processes Git push requests on the server side.

Critical GitHub RCE Flaw Exposed Millions of Repos – Patch Now Urged
Source: www.infoworld.com

According to Wiz researcher Sagi Tzadik, “On GitHub.com, this vulnerability allowed remote code execution on shared storage nodes. We confirmed that millions of public and private repositories belonging to other users and organizations were accessible on the affected nodes.” For GitHub Enterprise Server, the attack could lead to full server compromise across tenants.

Response and Fix

GitHub acknowledged the severity, with CISO Alexis Wales stating, “A finding of this caliber and severity is rare, earning one of the highest rewards available in our Bug Bounty program.” The company released patches for all supported GitHub Enterprise Server versions (3.14.25 through 3.20.0) and fixed the issue on GitHub.com within hours of the report.

Background

The flaw, categorized as a command injection issue, received a CVSS score of 8.8 out of 10 – near-critical. It stemmed from “improper neutralization of special elements used in a command,” according to GitHub. Wiz researchers found that specially crafted input in a git push could bypass safety checks in X-STAT and influence how backend commands were constructed.
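The weakness class named here, “improper neutralization of special elements used in a command” (the CWE-77 wording), is independent of GitHub’s internals. The following is an added illustration, not GitHub’s or Wiz’s code and not a model of X-STAT: a constructed push handler that must hand a client-supplied ref name to a helper process. It contrasts the unsafe pattern (interpolating the ref into a shell string) with the hardened one (validating against git’s own ref-name rules, then building an argv list that never reaches a shell). The repo path and the `rev-parse` call are assumptions chosen for the example.

```python
"""Constructed example of CWE-77 in a server-side git push handler.

Not GitHub's code: models a generic backend that receives a ref name from a
push and needs to run a helper command on it. Shows why building a shell
string from that input is unsafe and how the argv form neutralizes it.
"""
import re
import shlex
import subprocess
from typing import List

# Core of git-check-ref-format: no ASCII control chars or DEL, no space,
# none of ~ ^ : ? * [ \ , no "..", no "@{".
_FORBIDDEN = re.compile(r'[\x00-\x1f\x7f ~^:?*\[\\]|\.\.|@\{')

# Characters a POSIX shell treats as operators rather than word characters.
_SHELL_OPERATORS = set("();<>|&")


def is_valid_ref_name(ref: str) -> bool:
    """Allow-list check mirroring git-check-ref-format, plus one extra rule:
    a leading '-' is rejected so the ref can never be parsed as an option
    (argument injection) by the helper it is passed to."""
    if not ref or ref.startswith(("/", "-")) or ref.endswith("/") or "//" in ref:
        return False
    if _FORBIDDEN.search(ref):
        return False
    parts = ref.split("/")
    return all(p and not p.startswith(".") and not p.endswith(".lock") for p in parts)


def build_command_unsafe(ref: str, repo: str = "/data/repos/app.git") -> str:
    """VULNERABLE: interpolates client-controlled input into a shell string.
    If this string is handed to `sh -c`, any shell operator inside `ref`
    terminates the intended command and starts a new one."""
    return f"git --git-dir={repo} rev-parse --verify {ref}"


def build_command_safe(ref: str, repo: str = "/data/repos/app.git") -> List[str]:
    """HARDENED: validate the ref against git's grammar, then return an argv
    list. The list goes to exec() directly (shell=False), so characters such
    as ';' are inert bytes inside one argument, not command separators."""
    if not is_valid_ref_name(ref):
        raise ValueError(f"rejected ref name: {ref!r}")
    return ["git", f"--git-dir={repo}", "rev-parse", "--verify", ref]


def shell_operators(cmd: str) -> List[str]:
    """Return the shell operator tokens a POSIX shell would see in `cmd`.
    A non-empty result means the ref has escaped its argument position."""
    lexer = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return [tok for tok in lexer if tok and set(tok) <= _SHELL_OPERATORS]


def run_safe(ref: str, repo: str = "/data/repos/app.git") -> int:
    """Execute the hardened form without a shell; returns git's exit code.
    (Requires git and a real repository; not exercised by the checks below.)"""
    return subprocess.run(build_command_safe(ref, repo), shell=False,
                          capture_output=True, check=False).returncode
```

Note that `refs/heads/main;echo` is a legal git ref name, so the grammar check alone does not stop it; the argv form is the actual neutralization, and the validation is defense in depth against argument injection and path tricks. Checking the shell-string form with `shell_operators()` is how a test suite can catch a regression back to string concatenation.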

Notably, Wiz used IDA MCP, an AI-augmented reverse engineering tool, to discover the flaw. “This is one of the first critical vulnerabilities discovered in closed-source binaries using AI, highlighting a shift in how these flaws are identified,” Tzadik said. “Despite the complexity of the underlying system, the vulnerability is remarkably easy to exploit.”

What This Means

The vulnerability represents an urgent threat for organizations using GitHub Enterprise Server. With 88% of instances still unpatched, attackers could potentially gain full control over internal servers and access sensitive repository data. For GitHub.com users, the impact was also severe – attackers could read and potentially modify millions of repositories across tenants.

Security teams should immediately apply the available patches or update to the latest supported GitHub Enterprise Server version. As Tzadik warned, “We confirmed that millions of public and private repositories belonging to other users and organizations were accessible.” The discovery also signals a new era in vulnerability research, where AI tools like IDA MCP can uncover critical flaws in closed-source binaries.

Key Details at a Glance

  • CVE: CVE-2026-3854
  • CVSS Score: 8.8 (High)
  • Impact: Remote code execution on GitHub.com and GitHub Enterprise Server
  • Fix: Patches issued for GitHub Enterprise Server versions 3.14.25 to 3.20.0
  • Discovery: Found by Wiz researchers using AI-augmented reverse engineering
  • Exposure: 88% of GitHub Enterprise Server instances still vulnerable at time of disclosure

This is a breaking story and will be updated as more information becomes available.