GitHub RCE Vulnerability: CVE-2026-3854 Breakdown (wiz.io)
366 points by bo0tzz 18 hours ago
jfkimmes 14 hours ago
They hint at their AI-augmented reversing methodology, which demonstrates one of the core strengths of current LLM agents. These models, trained extensively on code, can immensely speed up the process of understanding complex system internals.
Security research historically has two difficult components that build on one another: 1. Understanding complex system internals: uncovering the inner workings hidden by abstractions or interfaces 2. Finding vulnerabilities in these uncovered mechanisms
Sometimes both steps are equally hard. But often, finding the vulnerability is trivial once the real mechanisms are uncovered, rather than relying on assumptions about inner workings.
CVE-2026-3854 is a case where the vulnerability is not plainly obvious after understanding the internals. Still, I am confident that this command injection would have been found quickly had it been exposed to a more traditional or accessible attack surface.
jcims 15 hours ago
Anyone in here work at Wiz? Seem like they do pretty good work. Tool itself has survived extreme growth/feature bloat and still does pretty well. Security team has found some really cool stuff.
az226 5 hours ago
Lots of Unit 8200 peeps.
jospeh554 3 hours ago
I'm not there, but we use it at our place. It triggers on entirely innocent things I do.
And yet when I do something a bit dodgy (like query a DC with a cli, and reset credentials) it's silent...
saghm 9 hours ago
> When babeld forwards a push request, one of the internal requests includes push options in the X-Stat header. Git push options are arbitrary strings that users can pass with git push -o. They are a standard git protocol feature, intended for server-side hints. babeld encodes them as numbered fields - push_option_0, push_option_1, and so on - alongside a push_option_count.
> babeld copies git push option values directly into the X-Stat header - without sanitizing semicolons. Since ; is the X-Stat field delimiter, any semicolon in a push option value breaks out of its designated field and creates new, attacker-controlled fields.
They managed to literally do the simplest possible thing wrong. The fruit was hanging so low it might have been underground.
irishcoffee 6 hours ago
Oh Bobby Tables, your mom was quite clever.
baccatore 2 hours ago
Why do they need to stir up needless fear by using words like "BREAKING", "unauthorized access", or "millions of repositories" about the vulnerability that they caught before it was exploited in their X.com?
bananapub 17 hours ago
> April 28, 2026
> GitHub Enterprise Server customers should upgrade immediately - at the time of this writing, our data indicates that 88% of instances are still vulnerable
> Upgrade to GHES version 3.19.3 or later
https://docs.github.com/en/[email protected]/admin/rele... :
> Enterprise Server 3.19.3 - March 10, 2026
88% of on-prem customers haven't applied a critical security fix from 7 weeks ago, that seems ... bad.
semiquaver 15 hours ago
GHES is essentially unmaintained (perhaps “on life support” would be more charitable since they are certainly accepting payment for it) and has been so for about a decade. It requires a multi-hour downtime to apply even a patch-level release. They do not have any supported mechanism for HA upgrades. So even the most conscientious GHES customers lag the latest version because they can’t afford the downtime.
They are constantly telling all their GHES customers who complain about the severe flaws with the self-hosted appliance product to move to GitHub Enterprise Cloud, which is just regular GitHub.com, but who in their right mind would make that move nowadays??? At least GHES stays up during the daily github.com outages.
baby_souffle 15 hours ago
You can at least schedule the updates.
It's still a pretty annoying process, though.
semiquaver 14 hours ago
everfrustrated 14 hours ago
Pretty sure GitHub Enterprise Cloud is just Github hosting their enterprise server for you on Azure so you don't have to do the patching yourself.
semiquaver 13 hours ago
securesaml 13 hours ago
brianmcnulty 16 hours ago
I assume a fair amount of these on-prem customers restrict access to their GHES instance to be behind corporate VPN or something similar and are planning a date to upgrade their instance that won't affect operations.
Any public instance should update immediately though, it's not very hard to put together how to repro the vulnerability on your own from what they provide in the article and the fact that GitHub Enterprise source is publicly available.
jamesfinlayson 10 hours ago
For sure - the last company I worked at that had GitHub Enterprise had it running on a private network only accessible within the company.
fastest963 6 hours ago
technion 8 hours ago
I guess I woukd say youre fortunate to have not worked in a "we cannot use github.com because we take security very seriously" environment. Because always tells me you'll be running a on prem product that might get updated once a year.
eyegor 5 hours ago
On prem beats the heck out of github post Microsoft though... At least you know how to get it working again when someone breaks it. These days with github you expect a weekly 500, a rainbow unicorn error, build failures due to unavailable errors, etc. Last I checked the third party tracker github services were barely pushing one 9 of reliability.
bombcar 16 hours ago
If you're in the enterprise you can update something outside of the normal schedule and guarantee blow up everything (and be blamed) or you can stick with the schedule and hope for the best.
Guess which is usually picked ...
pixl97 17 hours ago
Question is how fragile the upgrade process is in large installations. In other enterprise software messing around with large amounts of data I've seen the smallest things break the install and leaving the OPs team rolling back. Was like SharePoint in the past, you were rolling a dice when upgrading it.
chucky_z 17 hours ago
It's incredibly fragile. It breaks a vast majority of the time and takes multiple rounds of support on-call to upgrade typically.
formerly_proven 16 hours ago
angry_octet 13 hours ago
Another tour de force from Wiz, and a watershed moment in AI tooling enabling RE and compromise discovery.
avaer 11 hours ago
It throws a wrench into the argument of not publishing your source because AI will more easily compromise the code.
Another data point against doing security through obscurity.
latchkey 18 hours ago
People keep wanting to replace GitHub, but with what?
If GH is getting RCE's this late in the game who wants to take the chance something else won't?
skrrtww 16 hours ago
A "reasonable" answer is probably a primary self-hosted Forgejo instance as the canonical forge, while using GitHub as a mirror solely to take advantage of its free CI, while that lasts, while hosting secrets with a dedicated secret-hosting provider (I don't know what the provider du jour for this is these days).
latchkey 16 hours ago
Replace a whole 24/7 team of devops people with myself?
As much as I'd like to believe that I'm worthy, I'm not.
rnhmjoj 5 hours ago
skrrtww 16 hours ago
slopinthebag 11 hours ago
embedding-shape 16 hours ago
> solely to take advantage of its free CI, while that lasts
Eh, if you want to be able to continue working, deploy and what not as normal during weekdays, I'd suggest also moving to Forgejo Actions if you're moving anyways. Not 100% compatible, but more or less the same, and even paying the same but with dedicated hardware you'd get way faster runners.
skrrtww 14 hours ago
asa977 10 hours ago
We moved from github to a self-hosted forgejo instance about 6 months ago, works like a charm. Still can't belive how snappy forgejo is / laggy github has become
latchkey 9 hours ago
Is it public or locked down?
Caligatio 16 hours ago
I am personally now drawing a clear delineation between projects for my internal consumption (e.g. ansible scripts) and projects that have potential use for the general populace. For the prior, I now host a private Forgejo instance. For the latter, I'll put it on GitHub but mirror it to my Forgejo instance.
I was pleasantly shocked that Forgejo is literally a single binary with a relatively easy config. All my internal services reference my Forgejo instance so, if I need to bail on GitHub, it's low friction for me.
crimsonnoodle58 12 hours ago
Self hosted gitlab behind a VPN.
The all-in-docker image and a couple of gitlab runners is all small to medium sized teams need. (Don't overcomplicate it with the kubernetes version unless you really need it)
gtech1 17 hours ago
GitLab ?
latchkey 17 hours ago
The people who suggest gitlab, haven't used it. But I guess I could be tempted to try again...
https://status.gitlab.com/pages/history/5b36dc6502d06804c083...
capitalhilbilly 14 hours ago
gtech1 11 hours ago
TZubiri 13 hours ago
just git
chucky_z 17 hours ago
.... git?
replace it with git.
if you want a whole ui you can use something like forgejo which has far fewer features likely leading to less issues.
debugnik 16 hours ago
You probably meant Forgejo. Codeberg is a Forgejo instance exclusive for FOSS projects.
latchkey 17 hours ago
i want what github offers.
heliumtera 17 hours ago
WASDx 16 hours ago
I was impressed enough by AI finding vulnerabilities in source code, but doing it in binary executables is just amazing. This has so much potential, good and bad.
And yet another lesson to not treat data as instructions. Sanitize all user input!
avaer 11 hours ago
Transformers were literally designed for translation.
As we have known for a while, they ended up being really good at translating source to source or text to source. It shouldn't be too surprising they are also really good at understanding the asm version too.
Doesn't make it any less impressive, but maybe less surprising.
halger 15 hours ago
Woah I wonder if they can tell if this has been exploited or not
semiquaver 15 hours ago
My read is that this vulnerability is exploitable by an anonymous user. They absolutely have HTTP/gitprotocol logs that would indicate whether this was exploited but if it was, they won’t have logging about what actually got accessed and who did it, since the exploit was capable of standalone execution on the git servers, which would by definition be capable of evading any logging.
formerly_proven 15 hours ago
This is just such an amateur hour vulnerability. Gluing strings together with no regard to what might be in them and then parsing them later...
edit: I didn't mean it as a put-down of either the article or how they found the vulnerability, but it wasn't a constructive comment either way.
dang 15 hours ago
It's good to add information about what the vulnerability actually was, but please don't do it in the key of putdown. We're trying for something else here.
willworktill4pm 17 hours ago
GitHub case will be thought in schools how to screw up almost monopolistic position in the market in couple years. This is beyond bonkers.
hnlmorg 16 hours ago
Only if they take Skype off the syllabus first.
xaxfixho 16 hours ago
private equity: hold my beer!