Apr 292026 Researchers Discover Critical GitHub CVE-2026–3854 RCE Flaw Exploitable via Single Git Push CVE-2026–3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
