Known Vulnerabilities for products from GitHub
Listed below are 20 of the newest known vulnerabilities associated with the vendor "GitHub".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59947 json | Not Provided | 2026-07-08 | 2026-07-09 | |
| CVE-2026-59831 json | Not Provided | 2026-07-09 | 2026-07-09 | |
| CVE-2026-59710 json | Not Provided | 2026-07-06 | 2026-07-07 | |
| CVE-2026-58578 json | Not Provided | 2026-07-02 | 2026-07-07 | |
| CVE-2026-58370 json | Not Provided | 2026-06-30 | 2026-07-02 | |
| CVE-2026-57285 json | Not Provided | 2026-06-24 | 2026-06-24 | |
| CVE-2026-56422 json | Not Provided | 2026-06-22 | 2026-06-22 | |
| CVE-2026-56357 json | Not Provided | 2026-06-22 | 2026-06-23 | |
| CVE-2026-56270 json | Not Provided | 2026-06-24 | 2026-06-24 | |
| CVE-2026-55790 json | Not Provided | 2026-07-01 | 2026-07-02 | |
| CVE-2026-48501 json | GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization head... | Not Provided | 2026-05-29 | 2026-06-03 |
| CVE-2026-45803 json | `gh` is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in G... | Not Provided | 2026-05-15 | 2026-05-21 |
| CVE-2026-45033 json | GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerabil... | Not Provided | 2026-05-13 | 2026-06-02 |
| CVE-2026-29783 json | The shell tool within GitHub Copilot CLI versions prior to and including 0.0.422 can allow arbitrary code execution through c... | Not Provided | 2026-03-06 | 2026-05-18 |
| CVE-2026-14340 json | An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scope... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-10585 json | A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-9312 json | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated... | Not Provided | 2026-05-27 | 2026-06-30 |
| CVE-2026-9132 json | A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read s... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-9106 json | A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain uni... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-8606 json | A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cau... | Not Provided | 2026-05-27 | 2026-06-01 |