Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:22 a.m.4 views

CVE-2026-1999

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enableautomerge mutation for pull requests. This issue only affect...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2026/02/18 9:16 p.m.5 views

CVE-2026-1999

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enableautomerge mutation for pull requests. This issue only affect...

7.1CVSS0.00235EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/18 8:44 p.m.5 views

CVE-2026-1999 Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requests

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enableautomerge mutation for pull requests. This issue only affect...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References3
CVE
CVE
added 2026/02/18 8:44 p.m.17 views

CVE-2026-1999

CVE-2026-1999 affects GitHub Enterprise Server and is an incorrect authorization vulnerability in the enable_auto_merge mutation for pull requests. An attacker could merge their own PR into a repository without push access under specific conditions: the repository must allow forking, a clean PR s...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/18 8:44 p.m.25 views

CVE-2026-1999 Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requests

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enableautomerge mutation for pull requests. This issue only affect...

7.1CVSS0.00235EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. There are security vulnerabilities in versions of GitHub Enterprise Server prior ...

7.1CVSS5.8AI score0.00235EPSS
Exploits0References9
Rows per page
Query Builder