wid-sec-w-2026-1231 · Published 2026-04-21 · View on BSI CERT-Bund ↗

Microsoft GitHub Enterprise: Multiple Vulnerabilities

CVSS N/A NONE

Risk Summary

Ein Angreifer kann mehrere Schwachstellen in Microsoft GitHub Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um beliebigen Programmcode auszuführen, und um Informationen offenzulegen.

CVEs (6)

CVE-2026-3307 CVE-2026-4296 CVE-2026-4821 CVE-2026-5512 CVE-2026-5845 CVE-2026-5921

Affected Vendors

Microsoft

Affected Products (14)

Microsoft · GitHub Enterprise Server <3.20.1

Microsoft · GitHub Enterprise Server 3.20.1

Microsoft · GitHub Enterprise Server <3.19.5

Microsoft · GitHub Enterprise Server 3.19.5

Microsoft · GitHub Enterprise Server <3.18.8

Microsoft · GitHub Enterprise Server 3.18.8

Microsoft · GitHub Enterprise Server <3.17.14

Microsoft · GitHub Enterprise Server 3.17.14

Microsoft · GitHub Enterprise Server <3.16.17

Microsoft · GitHub Enterprise Server 3.16.17

Microsoft · GitHub Enterprise Server <3.15.21

Microsoft · GitHub Enterprise Server 3.15.21

Microsoft · GitHub Enterprise Server <3.14.26

Microsoft · GitHub Enterprise Server 3.14.26

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more