CVE-2026-9312
8.2 HIGH
Published: 2026-05-27 · Last updated: 2026-06-02
Severity and scoring
- CVSS: 8.2 HIGH
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
- CWE: CWE-918
Affected products
| Vendor | Product |
|---|---|
| github | enterprise_server |
Description
A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request parameters, an attacker could bypass the intended request flow and redirect internal API calls, potentially accessing internal services and exposing sensitive credentials. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.22 and was fixed in versions 3.16.20, 3.17.17, 3.18.11, 3.19.8, 3.20.4, and 3.21.1. This vulnerability was reported via the GitHub Bug Bounty program.
Source: NVD
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2026-9312
- [Other] https://docs.github.com/en/enterprise-server@3.16/admin/release-notes#3.16.20
- [Other] https://docs.github.com/en/enterprise-server@3.17/admin/release-notes#3.17.17
- [Other] https://docs.github.com/en/enterprise-server@3.18/admin/release-notes#3.18.11
- [Other] https://docs.github.com/en/enterprise-server@3.19/admin/release-notes#3.19.8
- [Other] https://docs.github.com/en/enterprise-server@3.20/admin/release-notes#3.20.4
- [Other] https://docs.github.com/en/enterprise-server@3.21/admin/release-notes#3.21.1
Related CVEs
Same vendor
- CVE-2026-48501 — GitHub CLI (gh) is GitHub’s official command line tool (7.4 HIGH)
- CVE-2026-8606 — A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the serve... (5.9 MEDIUM)
- CVE-2026-45803 — `gh` is GitHub’s official command line tool (3.5 LOW)
- CVE-2026-45033 — GitHub Copilot CLI brings AI-powered coding assistance directly to your command line (7.8 HIGH)
- CVE-2026-29783 — The shell tool within GitHub Copilot CLI versions prior to and including 0.0.422 can allow arbitrary code execution through crafted bash ... (7.8 HIGH)
Same CWE
- CVE-2026-50131 — Fedify is a TypeScript library for building federated server apps powered by ActivityPub (8.6 HIGH)
- CVE-2026-50127 — Weblate is a web based localization tool (5.9 MEDIUM)
- CVE-2026-46683 — Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page
- CVE-2026-20252 — In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.1... (7.6 HIGH)
- CVE-2026-48858 — Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF via an unvali...