Serial number: AV26-512
Date: May 27, 2026
On May 26, 2026, GitHub published security advisories to address vulnerabilities in the following products:
- GitHub Enterprise Server – versions 3.20.x prior to 3.20.3
- GitHub Enterprise Server – versions 3.19.x prior to 3.19.7
- GitHub Enterprise Server – versions 3.18.x prior to 3.18.10
- GitHub Enterprise Server – versions 3.17.x prior to 3.17.16
- GitHub Enterprise Server – versions 3.16.x prior to 3.16.19
GitHub has stated that future patches and releases will be signed with a new public key, and customers will need to rotate to the new key before those patches and releases can be installed.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.