AI-Powered Reverse Engineering Uncovers High-Severity RCE Bug in GitHub Enterprise Server
GitHub disclosed CVE-2026-3854, a high-severity remote code execution vulnerability in GitHub Enterprise Server, discovered by Wiz using an AI-powered reverse-engineering tool that cut analysis time from weeks to under 48 hours.
GitHub disclosed CVE-2026-3854, a high-severity (CVSS 8.7) remote code execution vulnerability affecting GitHub Enterprise Server and other GitHub products. The flaw, reported by cloud security firm Wiz on March 4 through GitHub's bug bounty program, allows an attacker with an attacker with push access to a repository to achieve remote code execution. GitHub validated the finding, pushed a fix to github.com within two hours, and confirmed no exploitation had occurred.
The vulnerability resides in how user-supplied git push options are handled within internal metadata. As GitHub's Alexis Wales explained, push options are an intentional git feature that allows clients to send key-value strings to the server during a push. However, the values provided by the user were incorporated into internal metadata without sufficient sanitization. Because the internal metadata format used a delimiter character could also appear in user input, an attacker could inject additional fields that downstream services would interpret as trusted internal values. Wiz demonstrated that chaining several such values could bypass protections and achieve remote code execution.
GitHub Enterprise Server customers are urged to upgrade to fixed versions: 3.14.24, 3, 3.15.19, 3.16.15, 3.17.12, 3.18.6, and 3.19.3. GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise Managed Users, and github.com have been patched automatically, requiring no user action. Wiz researcher Sagi Tzadik noted that 88% of Enterprise Server instances remained vulnerable at the time of publication.
What makes this disclosure particularly noteworthy is the method of discovery. Wiz had been targeting GitHub Enterprise Server since September 2024 but found manual reverse engineering of the closed-source binaries too resource-intensive. Using IDA MCP, an AI-powered assistant for vibe reverse engineering, Wiz reduced the analysis time from an estimated weeks or months to under 48 hours. This marks one of the first critical vulnerabilities discovered in closed-source binaries using AI, signaling a shift in how such flaws are identified.
Sagi Tzadik, the Wiz researcher, told Dark Reading that AI tools made it possible to do what was previously too costly. The closed-source nature of GitHub Enterprise Server historically provided obscurity, but as AI models improve, reverse engineering closed-source binaries and producing working exploits from a CVE identifier and a git commit hash has become much easier, faster, and cheaper. Scale is also a factor — researchers can now run automated pipelines on multiple targets simultaneously.
This development underscores a broader trend: AI is democratizing vulnerability discovery, particularly in closed-source software that has long been a blind spot for security researchers. While this accelerates the identification and patching of dangerous flaws, it also lowers the barrier for malicious actors. The GitHub CVE-2026-3854 case serves as both a success story for AI-assisted security research and a warning that the same tools can be weaponized.