GitHub `Kernel#send()` Flaw Exposed Secrets and Enabled GHES RCE Path
A vulnerability tracked as CVE-2024-0200 allowed attackers with organization owner privileges to abuse an unsafe Ruby Kernel#send() call in GitHub’s organization repository settings flow and invoke unintended zero-argument methods on Repository objects. Researchers showed the bug could be used to trigger Repository::GitDependency#nw_fsck() and leak roughly 2 MB of environment variables from a production GitHub.com container, exposing access keys, secrets, and internal configuration because spawned git processes inherited the parent environment.
The issue affected GitHub.com and GitHub Enterprise Server (GHES) instances with GitHub Actions enabled, but the impact was more severe on GHES. STAR Labs reported that leaked variables on GHES could include ENTERPRISE_SESSION_SECRET and other Marshal-related secrets, which could be chained with forged Rails session cookies and an unsafe Marshal.load path to achieve remote code execution. GitHub hotfixed GitHub.com on December 26, 2023, and later released a patch and advisory, while recommended mitigations included allowlisting the rid_key parameter, reducing environment variables passed to git processes, rotating exposed secrets, and monitoring repository_items requests for abnormal rid_key values.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
6 events from the most recent confirmed update back to the earliest known activity.
STAR Labs publishes technical write-up of the GitHub vulnerability chain
STAR Labs publicly detailed the vulnerability chain, exploitation method, impact on GitHub.com and GHES, and detection and mitigation recommendations. The write-up described the environment variable disclosure and the GHES path to remote code execution.
GitHub releases patch and public announcement for CVE-2024-0200
GitHub published a patch and advisory for CVE-2024-0200, covering affected GitHub Enterprise Server deployments. The announcement disclosed the vulnerability and made remediation available to customers.
Research shows GHES exposure could lead to remote code execution
Analysis of GitHub Enterprise Server showed that leaked environment variables could include ENTERPRISE_SESSION_SECRET or a Marshal-related secret, which could be combined with forged Rails session cookies and an unsafe Marshal deserialization sink to achieve remote code execution. This extended the impact beyond information disclosure on GitHub.com.
GitHub hotfixes GitHub.com for CVE-2024-0200
GitHub applied a hotfix to GitHub.com during the Christmas holiday period to remediate the vulnerability later assigned CVE-2024-0200. The fix addressed the unsafe method invocation path that enabled environment variable disclosure.
Vulnerability used to leak GitHub.com container environment variables
The researcher exploited the flaw on GitHub.com by invoking Repository::GitDependency#nw_fsck(), disclosing roughly 2 MB of environment variables from a production git worker container. The leaked data included numerous access keys, secrets, and internal configuration values inherited by spawned git processes.
Researcher discovers GitHub send() flaw exposing repository method calls
Ngo Wei Lin identified a vulnerability in GitHub's Organizations::Settings::RepositoryItemsComponent where a user-controlled parameter was passed to Ruby's Kernel#send(), enabling zero-argument arbitrary method invocation on Repository-related objects. The issue affected GitHub.com and GitHub Enterprise Server instances with GitHub Actions enabled and required organization owner privileges.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Send()-ing Myself Belated Christmas Gifts - GitHub.com's Environment Variables & GHES Shell | STAR Labs
starlabs.sg
Open sourceSend()-ing Myself Belated Christmas Gifts - GitHub.com's Environment Variables & GHES Shell | STAR Labs
starlabs.sg
Open sourceSend()-ing Myself Belated Christmas Gifts: GitHub.com's Environment Variables & GHES Shell | STAR Labs
starlabs.sg
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
GitHub Patched Critical `git push` RCE Affecting Cloud and Enterprise Server
GitHub disclosed and patched **CVE-2026-3854**, a critical command-injection flaw in its `git push` pipeline that allowed an authenticated user with repository push access to trigger remote code execution using a single crafted push. Wiz reported the bug on March 4, and GitHub said it reproduced the issue within about 40 minutes and deployed a fix to GitHub.com within roughly two hours, later publishing patches for supported GitHub Enterprise Server releases including **3.14.24, 3.15.19, 3.16.15, 3.17.12, 3.18.6, and 3.19.3**. The vulnerability stemmed from unsanitized user-supplied push option values being inserted into internal `X-Stat` headers, enabling attackers to inject trusted metadata, bypass sandboxing, and execute commands as the `git` service user. Researchers said the flaw could have led to **full server compromise** on GitHub Enterprise Server and, on GitHub.com, code execution on shared storage infrastructure where millions of repositories were accessible to the git service account, creating potential cross-tenant exposure. GitHub said forensic analysis and telemetry found **no evidence of malicious exploitation** and no indication that customer data was accessed, modified, or exfiltrated, but urged Enterprise Server administrators to upgrade immediately and review logs for suspicious push activity. Wiz described the bug as easy to exploit and highlighted its use of AI-assisted reverse engineering tools, including **IDA MCP**, to uncover the issue in GitHub’s closed-source components.
May 6, 2026
GitHub Enterprise Server patches critical SSRF and Dirty Frag privilege escalation flaws
GitHub released urgent security updates for GitHub Enterprise Server to fix multiple severe vulnerabilities affecting versions `3.16` through `3.20`, led by **CVE-2026-9312**, a critical pre-authentication SSRF flaw in an upload endpoint. The bug allowed unauthenticated attackers to craft requests with path traversal content and force the appliance to make internal HTTP requests, potentially exposing internal services, credentials, and configuration data. GitHub said the issue was reported through its bug bounty program and remediated in `3.16.20`, `3.17.17`, `3.18.11`, `3.19.8`, `3.20.4`, and `3.21.1`. The updates also address the high-severity Linux kernel local privilege-escalation flaws **CVE-2026-43284** and **CVE-2026-43500**, known as **Dirty Frag**, which could let a local user gain root on vulnerable appliances. Additional fixes and hardening cover a timing side-channel issue and another SSRF-related weakness tied to package and notebook-related functionality, including environments with GitHub Packages enabled or private mode disabled. GitHub revoked the signing key for GHES release packages and instructed administrators to rotate trusted local GPG public keys before installing the patched releases, urging rapid upgrades for internet-facing and shared multi-tenant deployments.
May 27, 2026
GitHub Actions flaws exposed repositories to token leaks and privileged workflow compromise
Researchers and maintainers disclosed multiple GitHub Actions security issues that could let attackers steal credentials or gain code execution in CI/CD pipelines. Sansec and Packagist warned that older Composer releases could print raw `GITHUB_TOKEN` values into GitHub Actions logs after rejecting GitHub’s newer hyphenated token format, creating a supply-chain risk for PHP projects, especially public repositories and older repositories where the default token still had write access. Composer issued fixes in versions `2.9.8`, `2.2.28`, and `1.10.28`, while GitHub rolled back the token format rollout to reduce immediate exposure. Separate disclosures showed how workflow design and cache handling can turn limited CI access into broader repository compromise. A newly assigned `CVE-2026-42603` affects OWASP BLT before `2.1.2`, where a privileged `pull_request_target` workflow checked out and executed code from an attacker-controlled fork, enabling remote code execution with repository write permissions. Earlier research on GitHub Actions cache poisoning described "Actions Cache Blasting," a technique that abuses client-controlled cache keys, cache eviction, and lingering runtime tokens to replace cached artifacts used by more privileged workflows, potentially leading to secret disclosure, release-signing compromise, and tampered build outputs without visible changes in source code or workflow logs.
May 14, 2026