On March 4, 2026, GitHub's Bug Bounty program received a report from Wiz researchers detailing a critical remote code execution vulnerability that affected multiple GitHub products. Within hours, the security team validated the issue, deployed a fix, and confirmed no exploitation had occurred. This Q&A explores the incident, how the attack worked, and the response measures taken.

What was the vulnerability and how was it reported?

The vulnerability was a critical remote code execution (RCE) flaw that could be triggered by any user with push access to a repository—even one they created themselves. It was reported through GitHub's Bug Bounty program on March 4, 2026, by security researchers from Wiz. The attack required only a single git push command with a specifically crafted push option. The malicious option contained an unsanitized character that allowed the attacker to inject additional internal metadata fields. GitHub's security team confirmed the severity within 40 minutes of receiving the report.

How did the attack work?

When a user pushes code to GitHub, the operation passes through several internal services that exchange metadata using a specific protocol. This metadata includes fields like repository type and processing environment. The vulnerability exploited how user-supplied push options (a standard Git feature for sending key-value strings) were incorporated into this metadata. Because the internal metadata used a delimiter character that could also appear in user input, an attacker could inject extra fields that downstream services would accept as trusted internal values. By chaining multiple injected values, the attacker could override the sandboxing environment, bypass hook execution restrictions, and ultimately run arbitrary commands on the server.

What was the impact and severity?

The vulnerability received a critical severity rating because it allowed remote code execution on GitHub's servers handling the git push operation. The attack vector was simple and required no special privileges beyond push access to any repository. Potentially affected products included github.com, GitHub Enterprise Cloud (including versions with Data Residency and Enterprise Managed Users), and GitHub Enterprise Server. A successful exploit could have allowed an attacker to execute arbitrary commands, potentially leading to data breaches, service disruption, or further compromise of the infrastructure.

How did GitHub respond within the first two hours?

Within 40 minutes of receiving the bug bounty report, GitHub's security team had reproduced the vulnerability and confirmed its critical nature. By 5:45 p.m. UTC on March 4, the root cause was identified. Engineering teams then developed and deployed a fix to github.com at 7:00 p.m. UTC—just over an hour later. Simultaneously, a forensic investigation was launched to determine if the vulnerability had been exploited in the wild. The investigation concluded that no exploitation had occurred. This rapid response was possible thanks to GitHub's mature security processes and the clear details provided by Wiz researchers.

What fix was deployed and for which products?

The fix ensures that user-supplied push option values are properly sanitized before being incorporated into internal metadata. This prevents any injection of delimiter characters that could alter the intended metadata structure. For GitHub Enterprise Server (GHES), patches were prepared for all supported release trains: versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.7, 3.19.4, 3.20.0, or later. The public disclosure includes CVE-2026-3854. GitHub strongly recommends that all GHES customers upgrade to these patched versions as soon as possible to protect their instances.

What lessons were learned and how will future incidents be prevented?

This incident highlighted the critical importance of sanitizing user input that flows into internal metadata protocols. In the future, GitHub plans to enforce stricter validation of all data passed between services, especially when user-controlled values are involved. They are also reviewing their internal metadata format to eliminate the possibility of delimiter injection. The fast collaboration with external researchers through the Bug Bounty program proved valuable, and GitHub continues to invest in automated scanning tools that can detect similar injection patterns. These measures aim to catch potential issues earlier in the development lifecycle and reduce the attack surface for push operations.