CVE-2026-5512: CWE-201 Insertion of sensitive information into sent data in GitHub Enterprise Server
CVE-2026-5512 is an improper authorization vulnerability in GitHub Enterprise Server prior to version 3. 21. It allows an authenticated attacker to discover the names of private repositories by their numeric IDs due to insufficient authorization checks in the mobile upload policy API endpoint. Validation error messages exposed full repository names even when the caller lacked access. This issue was fixed in versions 3. 20. 1 and later. The vulnerability has a medium severity rating with a CVSS score of 5. 3 and was reported through the GitHub Bug Bounty program.
AI Analysis
Technical Summary
This vulnerability in GitHub Enterprise Server involves the mobile upload policy API endpoint failing to perform early authorization checks. As a result, when validation errors occur, the API responses include the full names of private repositories that the authenticated user is not authorized to access, revealing sensitive information. The flaw affects all versions prior to 3.21 and was addressed in patch releases starting from 3.20.1. The issue is categorized under CWE-201 (Insertion of Sensitive Information into Sent Data).
Potential Impact
An authenticated attacker can enumerate private repository names by their numeric IDs, potentially exposing sensitive project information that should remain confidential. This information disclosure could aid further targeted attacks or reconnaissance but does not directly allow unauthorized access or modification of repository contents.
Mitigation Recommendations
This vulnerability has been fixed in GitHub Enterprise Server versions 3.20.1, 3.19.5, 3.18.8, 3.17.14, 3.16.17, 3.15.21, and 3.14.26. Users should upgrade to one of these fixed versions or later to remediate the issue. Since this is an on-premises product, administrators must apply the appropriate update. No other mitigation or workaround is indicated in the available data.
CVE-2026-5512: CWE-201 Insertion of sensitive information into sent data in GitHub Enterprise Server
Description
CVE-2026-5512 is an improper authorization vulnerability in GitHub Enterprise Server prior to version 3. 21. It allows an authenticated attacker to discover the names of private repositories by their numeric IDs due to insufficient authorization checks in the mobile upload policy API endpoint. Validation error messages exposed full repository names even when the caller lacked access. This issue was fixed in versions 3. 20. 1 and later. The vulnerability has a medium severity rating with a CVSS score of 5. 3 and was reported through the GitHub Bug Bounty program.
CVSS v4.0
Score 5.3medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in GitHub Enterprise Server involves the mobile upload policy API endpoint failing to perform early authorization checks. As a result, when validation errors occur, the API responses include the full names of private repositories that the authenticated user is not authorized to access, revealing sensitive information. The flaw affects all versions prior to 3.21 and was addressed in patch releases starting from 3.20.1. The issue is categorized under CWE-201 (Insertion of Sensitive Information into Sent Data).
Potential Impact
An authenticated attacker can enumerate private repository names by their numeric IDs, potentially exposing sensitive project information that should remain confidential. This information disclosure could aid further targeted attacks or reconnaissance but does not directly allow unauthorized access or modification of repository contents.
Mitigation Recommendations
This vulnerability has been fixed in GitHub Enterprise Server versions 3.20.1, 3.19.5, 3.18.8, 3.17.14, 3.16.17, 3.15.21, and 3.14.26. Users should upgrade to one of these fixed versions or later to remediate the issue. Since this is an on-premises product, administrators must apply the appropriate update. No other mitigation or workaround is indicated in the available data.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_P
- Date Reserved
- 2026-04-03T18:21:52.907Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e7faaa19fe3cd2cd0014af
Added to database: 4/21/2026, 10:31:06 PM
Last enriched: 4/29/2026, 11:14:46 AM
Last updated: 6/5/2026, 12:35:44 AM
Views: 113
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.