CVE-2026-9312 – GitHub Enterprise Server
CVSS 8.2
IMPORTANT
“A critical request-forgery weakness can turn trusted development infrastructure into an internal attack platform.”
GitHub released a patch for a critical vulnerability affecting Enterprise Server. CVE-2026-9312 has a CVSS score of 9.2, which is Critical severity.
The vulnerability involves a server-side request forgery weakness that could allow attackers to force affected systems to send unintended requests to internal or external resources. Successful exploitation could expose internal services, sensitive network information, or backend systems that are not intended to be directly accessible. The update strengthens request validation controls and reduces the risk of unauthorized access through manipulated server-side requests.
Key Details
- Affected Product: GitHub Enterprise Server
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- CWE Classification: CWE-918