HomeCVE Intelligence › CVE-2026-3854
CVSS 8.0 HIGH 🔴 ACTIVELY EXPLOITED Vulnerability

CVE-2026-3854: Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Pu…

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a singl…

8.0CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-3854
VendorThe Hacker News
Affected ProductThreat Intelligence
Vulnerability TypeVulnerability
CVSS Score8.0 (HIGH)
Actively Exploited✅ Yes
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via thehackernews)

🔬 Technical Analysis

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command. The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve

🎯 Known Indicators of Compromise

{"type":"domain","value":"github.com","confidence_score":0.75,"first_seen":"2026-04-28","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-3854 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence