A major security flaw, identified as CVE-2026-3854, was discovered in GitHub's internal git infrastructure, posing a significant risk to both GitHub Enterprise Server and GitHub.com. This vulnerability allowed authenticated users to potentially compromise backend servers, with the ability to access millions of private repositories and, in the case of GitHub Enterprise Server, achieve full server control. The vulnerability was uncovered by Wiz researchers using AI-driven reverse engineering techniques on closed-source binaries. It originated from improper handling of user-supplied push option values in GitHub's internal babeldgit proxy, specifically due to unsanitized semicolon characters in the X-Stat header.

This flaw enabled attackers to inject new key-value fields by embedding semicolons, impacting critical fields such as rails_env and repo_pre_receive_hooks. Remarkably, the exploit required no privilege escalation or special tools, merely a standard git client. On GitHub Enterprise Server, exploitation could lead to full server compromise, granting read and write access to all hosted repositories and internal secrets. On GitHub.com, a similar risk was present, but initially inactive, until Wiz researchers found a way to activate it via the enterprise_mode flag in the X-Stat header.

GitHub responded swiftly to the report submitted on March 4, 2026, deploying a patch to GitHub.com within six hours. A forensic investigation confirmed no prior exploitation occurred. For GitHub Enterprise Server users, patches are available, and administrators are urged to update immediately. At the time of disclosure, however, only 12% of GHES instances had been patched, leaving many at risk. Administrators are also advised to audit logs for unusual push operations as a precaution.