CVE-2026-1355 is a missing authorization vulnerability (CWE-862) found in GitHub Enterprise Server versions prior to 3.20. The flaw exists in the repository migration upload endpoint, where the system fails to properly verify that the authenticated user is authorized to upload content to a specific repository migration export. By supplying a migration identifier belonging to another user, an attacker with authenticated access can overwrite or replace the victim’s migration archive. This manipulation can cause victims to unknowingly download and restore attacker-controlled repository data during migration restores or automated imports, potentially compromising the integrity of the victim’s codebase or introducing malicious code. The vulnerability requires the attacker to have authenticated access to the GitHub Enterprise Server instance but does not require elevated privileges beyond that. The vulnerability was responsibly disclosed through the GitHub Bug Bounty program and patched in versions 3.19.2, 3.18.5, 3.17.11, 3.16.14, 3.15.18, and 3.14.23. The CVSS v4.0 score is 6.0 (medium severity), reflecting network attack vector, low attack complexity, partial privileges required, no user interaction, and high impact on integrity. No public exploits have been reported to date.

The primary impact of this vulnerability is on the integrity of repository data during migration processes within GitHub Enterprise Server environments. An attacker able to overwrite migration archives can cause victims to import malicious or tampered code, potentially leading to the introduction of backdoors, malware, or other unauthorized changes into critical codebases. This can undermine software supply chain security, disrupt development workflows, and damage organizational trust in their internal version control infrastructure. Since GitHub Enterprise Server is widely used by enterprises for private code hosting, the vulnerability poses a risk to organizations relying on migration or backup/restore operations. Although exploitation requires authenticated access, insider threats or compromised credentials could enable attacks. The absence of known exploits reduces immediate risk, but the potential for supply chain compromise makes this a significant concern for organizations with sensitive or critical software development projects.

Organizations should immediately upgrade affected GitHub Enterprise Server instances to the patched versions (3.19.2 or later). Additionally, implement strict access controls and monitoring around repository migration operations to detect unusual upload activity. Enforce strong authentication mechanisms such as multi-factor authentication (MFA) to reduce the risk of credential compromise. Audit and restrict user privileges to minimize the number of users with migration upload capabilities. Regularly review migration logs for unauthorized or suspicious actions. Consider implementing additional validation or integrity checks on migration archives before import to detect tampering. Educate administrators and developers about the risks of repository migration manipulation and encourage prompt patching of GitHub Enterprise Server deployments. Finally, maintain an incident response plan to address potential supply chain compromise scenarios.