Resource exhaustion in Github Enterprise Server
CVE-2026-15007
A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to cause service disruption by supplying a repository release notes configuration file containing deeply nested YAML. When rele…
Affected products
- Github Enterprise Server — versions 3.17.0, 3.18.0, 3.19.0
Weakness classification (CWE)
References
- product-cna@github.com (release-notes)
- product-cna@github.com (release-notes)
- product-cna@github.com (release-notes)
- product-cna@github.com (release-notes)
- product-cna@github.com (release-notes)