2 matches found
CVE-2026-5845
An improper authorization vulnerability in scoped user-to-server ghu token authorization in GitHub Enterprise Server allows an authenticated attacker to access private repositories outside the intended installation scope, which can include write operations, via an authorization fallback that...
CVE-2026-5845 Improper authorization fallback allows scoped user-to-server token installation escape in GitHub Enterprise Server
An improper authorization vulnerability in scoped user-to-server ghu token authorization in GitHub Enterprise Server allows an authenticated attacker to access private repositories outside the intended installation scope, which can include write operations, via an authorization fallback that...