PT-2026-20495 · Github · Github Enterprise Server
R31N · Published 2026-02-18 · Updated 2026-02-20 · CVE-2026-0573
CVSS v3.1: 9.0 Critical
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
GitHub Enterprise Server versions prior to 3.19
GitHub Enterprise Server versions 3.19.2
GitHub Enterprise Server versions 3.18.4
GitHub Enterprise Server versions 3.17.10
GitHub Enterprise Server versions 3.16.13
GitHub Enterprise Server versions 3.15.17
GitHub Enterprise Server versions 3.14.22
Description
A URL redirection issue exists in GitHub Enterprise Server. This flaw allows an attacker to control redirects, potentially exposing sensitive authorization tokens. Specifically, the repository pages API improperly handles HTTP redirects when retrieving artifact URLs: it carries the Authorization header, which includes a JWT (JSON Web Token), over to the redirect target. An authenticated user could redirect these requests to a domain controlled by an attacker, leading to the theft of the Actions.ManageOrgs JWT. The stolen token could then be used for potential remote code execution. Exploitation requires access to the target GitHub Enterprise Server and the ability to exploit a redirect to an attacker-controlled domain.
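As an added example (not from the advisory and not GitHub's own code), the client-side pattern that prevents this class of leak: an HTTP client that forwards the Authorization header across a redirect only when the redirect target stays on the same origin (scheme, host, port) as the original request. The host names and the redirect chain below are constructed for illustration.

```python
from urllib.parse import urlsplit, urljoin

# Constructed hosts for the demonstration; not real GHES endpoints.
INTERNAL_HOST = "ghes.example.internal"
ATTACKER_HOST = "evil.example.net"

# Headers that must never cross an origin boundary on redirect.
SENSITIVE = {"authorization", "proxy-authorization", "cookie"}

def same_origin(a: str, b: str) -> bool:
    """True when scheme, host and effective port all match."""
    def origin(url):
        p = urlsplit(url)
        port = p.port or (443 if p.scheme == "https" else 80)
        return (p.scheme, p.hostname, port)
    return origin(a) == origin(b)

def headers_for_redirect(current_url: str, location: str, headers: dict):
    """Resolve Location and drop credential headers if the origin changes."""
    target = urljoin(current_url, location)
    if same_origin(current_url, target):
        return target, dict(headers)
    return target, {k: v for k, v in headers.items() if k.lower() not in SENSITIVE}

# Constructed response table simulating a server: url -> (status, Location).
# The second hop is the attacker-controlled redirect the advisory describes.
RESPONSES = {
    f"https://{INTERNAL_HOST}/api/v3/repos/o/r/pages/artifact": (302, "/storage/artifact/123"),
    f"https://{INTERNAL_HOST}/storage/artifact/123": (302, f"https://{ATTACKER_HOST}/grab"),
    f"https://{ATTACKER_HOST}/grab": (200, None),
}

def follow(url: str, headers: dict, max_hops: int = 5):
    """Walk the simulated chain; return final URL, headers sent there, and a
    per-hop trace of (url, authorization_header_present)."""
    trace = []
    for _ in range(max_hops):
        status, location = RESPONSES[url]
        trace.append((url, any(k.lower() == "authorization" for k in headers)))
        if status not in (301, 302, 303, 307, 308) or location is None:
            return url, headers, trace
        url, headers = headers_for_redirect(url, location, headers)
    raise RuntimeError("too many redirects")
```

With this policy the token reaches the internal storage hop but is stripped before the request leaves for the attacker's domain.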
Recommendations
Upgrade to GitHub Enterprise Server version 3.19.2 or later.
Upgrade to GitHub Enterprise Server version 3.18.4 or later.
Upgrade to GitHub Enterprise Server version 3.17.10 or later.
Upgrade to GitHub Enterprise Server version 3.16.13 or later.
Upgrade to GitHub Enterprise Server version 3.15.17 or later.
Upgrade to GitHub Enterprise Server version 3.14.22 or later.

Tags: Fix · RCE · Open Redirect
Weakness Enumeration
Related Identifiers: CVE-2026-0573
Affected Products: Github Enterprise Server