GitHub RCE Vulnerability: CVE-2026-3854 Breakdown

Wiz Research has uncovered a severe remote code execution (RCE) vulnerability, CVE-2026-3854, within GitHub's internal git infrastructure. This critical flaw allowed any authenticated user to execute arbitrary commands on GitHub's backend servers through a specially crafted git push, affecting both GitHub.com and GitHub Enterprise Server (GHES). The discovery is notable for leveraging AI-augmented tooling to analyze closed-source binaries, marking a new era in vulnerability research.

• Vulnerability Mechanism: The flaw stems from an injection vulnerability in GitHub's internal X-Stat protocol header. A standard git push command, when equipped with a specially crafted push option containing a semicolon, could inject new fields into this header. Due to "last-write-wins" semantics in the parsing, these injected fields could override legitimate security parameters.
• Escalation to RCE: By injecting specific fields like rails_env, custom_hooks_dir, and repo_pre_receive_hooks, attackers could bypass sandboxing mechanisms and exploit path traversal vulnerabilities. This led to arbitrary code execution as the git service user, granting extensive control over the system.
• Impact on GitHub.com: On GitHub.com, the RCE provided access to shared storage nodes, where the git user possessed broad filesystem access to millions of public and private repositories belonging to other users, demonstrating a cross-tenant impact.
• Impact on GHES: For GitHub Enterprise Server deployments, the vulnerability allowed for full server compromise, including access to all hosted repositories and internal secrets.
• Discovery Method: Wiz Research employed AI-augmented reverse engineering tools, specifically IDA MCP, to analyze compiled blackbox binaries and reconstruct internal protocols. This capability enabled the rapid identification of the vulnerability, a task that would have been infeasible through manual methods.
• Mitigation and Disclosure: GitHub promptly mitigated the issue on GitHub.com within six hours of the report and released patches for all supported GHES versions. However, despite patches being available since March 10, 2026, Wiz data indicated that a concerning 88% of GHES instances remained vulnerable at the time of public disclosure on April 28, 2026.

This vulnerability highlights the critical importance of robust input sanitization and consistent data handling across multi-service architectures, especially where security-critical configuration is derived from shared internal protocols. It also underscores the growing power of AI in uncovering complex flaws within vast, previously intractable systems.