Critical Remote Code Execution Vulnerability (CVE-2026-3854) Disclosed in GitHub
Security researchers at Wiz have uncovered a critical remote code execution vulnerability, CVE-2026-3854, affecting GitHub.com and GitHub Enterprise Server. The flaw impacted GitHub's internal Git infrastructure and could have exposed millions of repositories. While GitHub deployed a fix for GitHub.com on March 4 and Enterprise Server on March 10, Wiz reported on April 29, 2026, that 88% of Enterprise Server instances remained unpatched.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.