CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...

GitHub has fixed a critical remote code execution vulnerability, CVE-2026-3854, that allowed anyone with push access to execute arbitrary commands on its servers. While GitHub.com was patched within ...

GitHub patched critical RCE flaw CVE-2026-3854 in hours, preventing potential repo takeover and enterprise server compromise.

A critical remote code execution and supply chain vulnerability was recently discovered by researchers in Gemini CLI.

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...

Join Push Security's free three-part webinar series where top security researchers break down the browser-based attacks driving today's biggest breaches - from AiTM phishing and ConsentFix to ...

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...

Microsoft-owned open source code hosting platform GitHub has acknowledged and patched a critical vulnerability that allowed ...

Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of ...