https://cybercrime.club/tags/cve-2026-3854/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usWed, 29 Apr 2026 11:08:39 -0400https://cybercrime.club/posts/github-cve-2026-3854-git-push-rce-babeld-injection/Wed, 29 Apr 2026 11:08:39 -0400https://cybercrime.club/posts/github-cve-2026-3854-git-push-rce-babeld-injection/Wiz disclosed a CVSS 8.7 RCE in GitHub's internal git push pipeline. Any authenticated user could execute arbitrary commands on backend servers with one git push. 88% of Enterprise Server instances were still unpatched on disclosure day.Vulnerabilities