SECURITYBLEEPING COMPUTER
GitHub fixes RCE flaw that gave access to millions of private repos
GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) in early March that could have allowed attackers to access millions of private repositories. The flaw, if exploited, would have exposed sensitive code and data stored in private GitHub projects.