PT-2026-44905 · Github · Github Cli

Published 2026-05-29 · Updated 2026-05-29 · CVE-2026-48501

CVSS v3.1: 7.4 High
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: GitHub CLI versions prior to 2.93.0
Description: GitHub CLI incorrectly includes Authorization headers in API requests to TUF repository mirrors when the gh attestation, gh release verify, and gh release verify-asset commands are used. These commands share an HTTP client whose authentication layer automatically attaches tokens to outgoing requests but does not identify the target host accurately. The host normalization logic collapses any *.github.com subdomain to github.com, so a request to tuf-repo.github.com (a GitHub Pages site) is treated as a request to github.com and carries the user's github.com token. For hosts that match neither github.com nor a known GHES instance, the token resolver may fall back to GH_ENTERPRISE_TOKEN if that variable is set. As a result, tokens are sent to external hosts such as tuf-repo-cdn.sigstore.dev and tmaproduction.blob.core.windows.net during normal operation.
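The following Go program is an added illustration written for this page, not GitHub CLI's own code. It models the two resolver defects the description names (suffix-based *.github.com normalization and the GH_ENTERPRISE_TOKEN fallback) beside an exact-match resolver, and audits which of the hosts mentioned above would receive an Authorization header. Function names, the token values and the GHES host ghe.example.com are assumptions made for the example.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// TokenResolver returns the token to attach for a request host, or "" for none.
type TokenResolver func(host string) string

// VulnerableNormalize models the flawed normalization: every *.github.com
// subdomain collapses to github.com, so tuf-repo.github.com (a GitHub Pages
// site) becomes indistinguishable from the API host. Hypothetical code.
func VulnerableNormalize(host string) string {
	host = strings.ToLower(host)
	if host == "github.com" || strings.HasSuffix(host, ".github.com") {
		return "github.com"
	}
	return host
}

// VulnerableTokenFor models the flawed resolver: github.com (after
// normalization) gets the github.com token, a known GHES host gets its own
// token, and every other host falls back to GH_ENTERPRISE_TOKEN if it is set.
func VulnerableTokenFor(host, ghToken, ghEnterpriseToken string, knownGHES map[string]string) string {
	h := VulnerableNormalize(host)
	if h == "github.com" {
		return ghToken
	}
	if t, ok := knownGHES[h]; ok {
		return t
	}
	return ghEnterpriseToken // leaks to tuf-repo-cdn.sigstore.dev and similar hosts
}

// SafeTokenFor attaches a token only to an exact-match known host; any other
// host (TUF mirrors, CDNs, blob storage) gets no credential at all.
func SafeTokenFor(host, ghToken string, knownGHES map[string]string) string {
	h := strings.ToLower(host)
	if h == "github.com" || h == "api.github.com" {
		return ghToken
	}
	if t, ok := knownGHES[h]; ok {
		return t
	}
	return ""
}

// BuildRequest is where the leak becomes observable: the Authorization header
// on the outgoing request is set from whatever the resolver returns.
func BuildRequest(rawURL string, resolve TokenResolver) (*http.Request, error) {
	req, err := http.NewRequest(http.MethodGet, rawURL, nil)
	if err != nil {
		return nil, err
	}
	if tok := resolve(req.URL.Hostname()); tok != "" {
		req.Header.Set("Authorization", "token "+tok)
	}
	return req, nil
}

// AuditHosts returns, in input order, the hosts that would receive an
// Authorization header under the given resolver.
func AuditHosts(hosts []string, resolve TokenResolver) []string {
	var leaked []string
	for _, h := range hosts {
		req, err := BuildRequest("https://"+h+"/", resolve)
		if err != nil {
			continue
		}
		if req.Header.Get("Authorization") != "" {
			leaked = append(leaked, h)
		}
	}
	return leaked
}

func main() {
	// Constructed input: the hosts named in the advisory plus a hypothetical GHES host.
	hosts := []string{
		"api.github.com",
		"tuf-repo.github.com",
		"tuf-repo-cdn.sigstore.dev",
		"tmaproduction.blob.core.windows.net",
		"ghe.example.com",
	}
	ghes := map[string]string{"ghe.example.com": "ghes-token"} // assumed configured GHES host
	vul := func(h string) string { return VulnerableTokenFor(h, "gho_example", "ghp_enterprise", ghes) }
	safe := func(h string) string { return SafeTokenFor(h, "gho_example", ghes) }
	fmt.Println("vulnerable resolver sends a token to:", AuditHosts(hosts, vul))
	fmt.Println("hardened resolver sends a token to:  ", AuditHosts(hosts, safe))
}
```

With GH_ENTERPRISE_TOKEN set, the modelled vulnerable resolver hands a credential to all five hosts; with it unset, tuf-repo.github.com still receives the github.com token because of the suffix collapse alone. The exact-match resolver sends tokens only to api.github.com and the configured GHES host.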
Recommendations: Update to version 2.93.0 or later. Revoke any authentication tokens used with the GitHub CLI, including personal access tokens, GitHub CLI OAuth app authorizations, and the value of GH_ENTERPRISE_TOKEN if it was set. Review personal security logs and the relevant audit logs for actions associated with the affected personal or enterprise accounts.

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2026-48501
GHSA-8XVP-7HJ6-MCJ9

Affected Products

Github Cli