CVE-2026-48501

Source
https://cve.org/CVERecord?id=CVE-2026-48501
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-48501.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-48501
Aliases
Downstream
Published
2026-05-29T15:14:54.975Z
Modified
2026-07-08T08:13:46.533722346Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
GitHub CLI tokens leak via `gh attestation` commands
Details

GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh release verify-asset commands. The CLI uses a shared HTTP client with an authentication layer that automatically attaches tokens to outgoing requests. This layer lacks accurate host detection and can incorrectly attribute the target host, providing it with a token it should never receive. Specifically, the host normalization logic collapses any *.github.com subdomain to github.com, so a request to tuf-repo.github.com (a GitHub Pages site, not a GitHub API endpoint) is treated as a request to github.com and receives the user's github.com token. For hosts that don't match github.com or a known GHES instance at all, the resolver falls back to GHENTERPRISETOKEN if set. The gh attestation, gh release verify and gh release verify-asset commands fetch data from several external hosts as part of their normal operation (TUF metadata from tuf-repo.github.com and tuf-repo-cdn.sigstore.dev, artifact bundles from Azure Blob Storage). Because these requests go through the same authenticated HTTP client, the token is sent to all of them. This vulnerability is fixed in 2.93.0.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/48xxx/CVE-2026-48501.json",
    "cwe_ids": [
        "CWE-863"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/cli/cli

Affected ranges

Type
GIT
Repo
https://github.com/cli/cli
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:github:cli:*:*:*:*:*:*:*:*",
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.93.0"
        }
    ]
}

Affected versions

v0.*
v0.10.0
v0.10.1
v0.11.0
v0.11.1
v0.12.0
v0.4.0
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.7.0
v0.8.0
v0.9.0
v1.*
v1.0.0
v1.1.0
v1.10.0
v1.10.1
v1.10.2
v1.10.3
v1.11.0
v1.12.0
v1.12.1
v1.13.0
v1.14.0
v1.2.0
v1.2.1
v1.3.0
v1.4.0
v1.5.0
v1.6.0
v1.6.1
v1.6.2
v1.7.0
v1.8.0
v1.8.1
v1.9.0
v1.9.1
v1.9.2
v2.*
v2.0.0
v2.1.0
v2.10.0
v2.10.1
v2.11.0
v2.11.1
v2.11.2
v2.11.3
v2.12.0
v2.12.1
v2.13.0
v2.14.0
v2.14.1
v2.14.2
v2.14.3
v2.14.4
v2.14.5
v2.14.6
v2.14.7
v2.15.0
v2.16.0
v2.16.1
v2.17.0
v2.18.0
v2.18.1
v2.19.0
v2.2.0
v2.20.0
v2.20.1
v2.20.2
v2.21.0
v2.21.1
v2.21.2
v2.22.0
v2.22.1
v2.23.0
v2.24.0
v2.24.1
v2.24.2
v2.24.3
v2.25.0
v2.25.1
v2.26.0
v2.26.1
v2.27.0
v2.3.0
v2.30.0
v2.31.0
v2.32.0
v2.32.1
v2.33.0
v2.34.0
v2.35.0
v2.36.0
v2.37.0
v2.38.0
v2.39.0
v2.39.1
v2.39.2
v2.4.0
v2.40.0
v2.40.1
v2.41.0
v2.42.0
v2.42.1
v2.43.0
v2.43.1
v2.44.0
v2.44.1
v2.45.0
v2.46.0
v2.47.0
v2.48.0
v2.49.0
v2.49.1
v2.49.2
v2.5.0
v2.5.1
v2.5.2
v2.50.0
v2.51.0
v2.52.0
v2.53.0
v2.54.0
v2.55.0
v2.56.0
v2.57.0
v2.58.0
v2.59.0
v2.6.0
v2.60.0
v2.60.1
v2.61.0
v2.62.0
v2.63.0
v2.63.1
v2.63.2
v2.64.0
v2.65.0
v2.66.0
v2.66.1
v2.67.0
v2.68.0
v2.68.1
v2.69.0
v2.7.0
v2.70.0
v2.71.0
v2.71.1
v2.71.2
v2.72.0
v2.73.0
v2.74.0
v2.74.1
v2.74.2
v2.75.0
v2.75.1
v2.76.0
v2.76.1
v2.76.2
v2.77.0
v2.78.0
v2.79.0
v2.8.0
v2.80.0
v2.81.0
v2.82.0
v2.82.1
v2.83.0
v2.83.1
v2.83.2
v2.85.0
v2.86.0
v2.87.0
v2.87.1
v2.87.2
v2.87.3
v2.88.0
v2.88.1
v2.89.0
v2.9.0
v2.90.0
v2.91.0
v2.92.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-48501.json"