Skip to content
The Nexus
DossierENTITY

CVE-2026-3854

Coverage of CVE-2026-3854 in the Nexus archive.

Earliest in view: Apr 28 · 16:15 UTCMost recent: Apr 29 · 12:41 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 29 · 12:41 UTCBLEEPING COMPUTER
    GitHub fixes RCE flaw that gave access to millions of private repos

    GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) in early March that could have allowed attackers to access millions of private repositories. The flaw, if exploited, would have exposed sensitive code and data stored in private GitHub projects.

  • SECURITYApr 28 · 18:19 UTCTHE HACKER NEWS
    Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

    Cybersecurity researchers discovered a critical remote code execution (RCE) vulnerability in GitHub.com and GitHub Enterprise Server, tracked as CVE-2026-3854 (CVSS score: 8.7). The flaw allows authenticated users with push access to exploit a command injection vulnerability via a single 'git push' command.

  • SECURITYApr 28 · 16:15 UTCHACKER NEWS
    GitHub RCE Vulnerability: CVE-2026-3854 Breakdown

    A critical Remote Code Execution (RCE) vulnerability, CVE-2026-3854, was disclosed in GitHub, allowing attackers to execute arbitrary code. The flaw, detailed in a Wiz.io blog post, has sparked discussion on Hacker News with 11 comments and 23 upvotes.

CVE-2026-3854 · Dossier · The Nexus