CVE-2026-9312— Server-Side Request Forgery vulnerability in GitHub Enterprise Server allowed access to internal services via path traversal in upload endpoint
Possible ATT&CK Techniques 3AI
T1046 · Network Service Discovery T1530 · Data from Cloud Storage T1557.002 · ARP Cache PoisoningGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-9312
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Server-Side Request Forgery vulnerability in GitHub Enterprise Server allowed access to internal services via path traversal in upload endpoint
Source: NVD (National Vulnerability Database)
Vulnerability Description
A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request parameters, an attacker could bypass the intended request flow and redirect internal API calls, potentially accessing internal services and exposing sensitive credentials. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.22 and was fixed in versions 3.16.20, 3.17.17, 3.18.11, 3.19.8, 3.20.4, and 3.21.1. This vulnerability was reported via the GitHub Bug Bounty program.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
服务端请求伪造(SSRF)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| GitHub | Enterprise Server | 3.16.0 ~ 3.16.19 | - |
II. Public POCs for CVE-2026-9312
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-9312
请登录查看更多情报信息。
Vendor Pages for CVE-2026-9312 (4)
IV. Related Vulnerabilities
Same product: Enterprise Server
- CVE-2026-8606
Server-Side Request Forgery in GitHub Enterprise Server via - CVE-2026-8106
Reflected HTML injection vulnerability in GitHub Enterprise - CVE-2026-8034
Server-side request forgery vulnerability in GitHub Enterpri - CVE-2026-7541
Denial of service vulnerability in GitHub Enterprise Server - CVE-2026-6736
Authentication bypass vulnerability in GitHub Enterprise Ser
Same vendor: GitHub
- CVE-2026-8606
Server-Side Request Forgery in GitHub Enterprise Server via - CVE-2026-45033
GitHub Copilot CLI: Nested Bare Repository Can Execute Arbit - CVE-2026-8106
Reflected HTML injection vulnerability in GitHub Enterprise - CVE-2026-8034
Server-side request forgery vulnerability in GitHub Enterpri - CVE-2026-7541
Denial of service vulnerability in GitHub Enterprise Server
Same weakness: CWE-918
- CVE-2026-8606
Server-Side Request Forgery in GitHub Enterprise Server via - CVE-2026-45298
Dozzle: Pre-auth SSRF with response-body reflection via POST - CVE-2026-45412
MaxKB: Unauthenticated SSRF via Workflow Template Import - CVE-2026-42335
MaxKB: SSRF Bypass in MaxKB OSS URL Fetch due to URL Parsing - CVE-2026-2264
Server-Side Request Forgery and Credential Exfiltration in G
V. Comments for CVE-2026-9312
No comments yet