CVE-2026-5845

Summary: CVE-2026-5845 affects GitHub Enterprise Server versions prior to 3.21, due to an improper authorization fallback in scoped user-to-server (ghu_) token handling. An authenticated attacker could access private repositories outside the intended installation scope, potentially including writ...

CVE-2026-5512

CVE-2026-5512 describes an improper authorization vulnerability in GitHub Enterprise Server where an authenticated attacker could determine private repository names by numeric ID via the mobile upload policy API endpoint. The issue arises from a failure to perform an early authorization check and...

CVE-2026-5512 Improper authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository names via mobile upload policy API

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

CVE-2026-5512

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

PT-2026-34211

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An improper authorization issue exists where an authenticated attacker can determine the names of private repositories using their numeric ID. This occurs because the mobile upload...

PT-2026-34212

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An improper authorization issue exists in scoped user-to-server ghu token authorization. An authenticated attacker can access private repositories outside the intended installation...

Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories

Our research on Void Dokkaebi’s operations uncovered a campaign that turns infected developer repositories into malware delivery channels. By spreading through trusted workflows, organizational codebases, and open-source projects, the threat can scale from a single compromise to a broader supply...

SUSE CVE-2026-40261

Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase method, which appends the $sourceReference parameter to a shell command without proper escaping, and additionally in the...

MAL-2026-2837 Malicious code in solanakit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e8770458eab636335241e359b6cee149cc00640fb2418b4462c89ec88accc93 During import, the code downloads and starts a malicious package hosted on GitHub. It then first ensures persistency e.g., through the autostart registry key...

Sparx Systems Sparx Pro Cloud Server 安全漏洞

Sparx Pro Cloud Server is a modeling and service platform developed by Australian company Sparx Systems. It supports remote access to model repositories and collaborative management. There is a security vulnerability in Sparx Pro Cloud Server, which stems from the storage of local user passwords ...

CVE-2026-40261 Composer has Command Injection via Malicious Perforce Reference

Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase method, which appends the $sourceReference parameter to a shell command without proper escaping, and additionally in the...

CVE-2026-32631 Git for Windows: `git clone` from manipulated repositories can leak NTLM hashes to arbitrary servers

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...

Command Injection

Overview composer/composer is a Dependency Manager for PHP. Composer helps you declare, manage and install dependencies of PHP projects. It ensures you have the right stack everywhere. Affected versions of this package are vulnerable to Command Injection via the Perforce::syncCodeBase and...

Composer has a command injection via malicious perforce reference

Impact The Perforce::syncCodeBase method appended the $sourceReference parameter to a shell command without proper escaping, allowing an attacker to inject arbitrary commands through a crafted source reference containing shell metacharacters. Further as in GHSA-wg36-wvj6-r67p / CVE-2026-40176 the...

How exposed is your code? Find out in minutes—for free

Most security leaders share the same suspicion: there are vulnerabilities in our codebase that we don't know about. The uncomfortable truth is that most code never gets a thorough security review. Vulnerabilities accumulate quietly in active repositories, across languages and teams, often...

GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes

CVE-2026-32631 is regarding a vulnerability where it is possible to obtain a user's NTLM hash by tricking them into cloning a malicious repository, or checking out a malicious branch that accesses an attacker-controlled server. By default, NTLM authentication does not need any user interaction...

Exploit for CVE-2026-40175

audit-axios Scan local repos for vulnerable axios versions an...

[SECURITY] Fedora 43 Update: trivy-0.69.3-1.fc43

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more...