CVE-2026-9132 Overview
CVE-2026-9132 is a missing authorization vulnerability [CWE-862] in GitHub Enterprise Server. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range and rendered the resulting diff without verifying that the requesting user was authorized to view the target repository. An authenticated user with read access to any single repository on the instance could abuse this endpoint to read source code from private repositories they did not have access to. The vulnerability affects all versions of GitHub Enterprise Server prior to 3.21 and was fixed in versions 3.17.17, 3.18.11, 3.19.8, and 3.20.4. GitHub received the report through its Bug Bounty program.
Critical Impact
Authenticated users on affected GitHub Enterprise Server instances can read source code from private repositories they should not have access to, resulting in confidentiality loss across the entire instance.
Affected Products
- GitHub Enterprise Server versions prior to 3.17.17
- GitHub Enterprise Server 3.18.x prior to 3.18.11, and 3.19.x prior to 3.19.8
- GitHub Enterprise Server 3.20.x prior to 3.20.4
Discovery Timeline
- 2026-06-30 - CVE-2026-9132 published to NVD
- 2026-07-02 - Last updated in NVD database
Technical Details for CVE-2026-9132
Vulnerability Analysis
The flaw resides in the Copilot pull request description diff summary endpoint on GitHub Enterprise Server. This endpoint generates a summary of code changes between two references to help authors draft pull request descriptions. It accepts a comparison range that specifies a base and head reference, and it supports cross-repository comparisons where the base and head can live in different repositories.
The endpoint rendered the resulting diff by fetching content from the target repository without checking whether the requesting user held read permissions on that repository. Any authenticated user with read access to at least one repository could supply an arbitrary private repository as the comparison target and receive its source code in the diff response.
Root Cause
The underlying defect is a missing authorization check [CWE-862] on the cross-repository code path of the Copilot diff summary endpoint. Authentication was enforced, and access to the comparison base was validated, but the server did not re-verify authorization against the target repository before returning its content. This is a classic broken access control pattern where server-side logic trusts client-supplied repository identifiers.
Attack Vector
Exploitation requires an authenticated account on the GitHub Enterprise Server instance and read access to at least one repository to use as the comparison base. The attacker crafts a request to the Copilot pull request description diff summary endpoint, supplying the target private repository as the head of the comparison range. The server returns diff output containing source code from the private repository. No user interaction from the victim is required, and the attack is fully network-based against the GHES web interface.
Because no verified proof-of-concept has been published, the exploitation mechanics are described in prose. Refer to the vendor release notes linked below for additional technical context.
Detection Methods for CVE-2026-9132
Indicators of Compromise
- Requests to Copilot pull request description or diff summary endpoints where the base and head references resolve to different repositories.
- Authenticated sessions issuing diff summary requests targeting repositories the user has no explicit membership or team access to.
- Unusual volumes of cross-repository comparison requests originating from a single user or API token.
Detection Strategies
- Review GHES audit logs and reverse proxy logs for requests to Copilot diff summary routes containing cross-repository comparison parameters.
- Correlate repository read events with the requesting user's permission set to surface access that bypasses standard repository ACL enforcement.
- Alert on API tokens or OAuth apps that begin querying repositories outside their historical access pattern shortly after account creation.
Monitoring Recommendations
- Enable and retain GitHub Enterprise Server audit logging with git and API event streams shipped to a central SIEM.
- Baseline normal Copilot endpoint usage per user and flag deviations, particularly requests referencing repositories outside the user's organization memberships.
- Monitor for reconnaissance patterns such as enumeration of repository names or owners followed by diff summary requests.
How to Mitigate CVE-2026-9132
Immediate Actions Required
- Upgrade GitHub Enterprise Server to 3.17.17, 3.18.11, 3.19.8, 3.20.4, or later on the corresponding release train.
- Audit recent access logs for cross-repository Copilot diff summary requests and identify any private repository content that may have been exposed.
- Review and rotate secrets, tokens, and credentials committed to private repositories that could have been accessed by unauthorized users during the exposure window.
Patch Information
GitHub released fixes in GitHub Enterprise Server 3.17.17, 3.18.11, 3.19.8, and 3.20.4. Version 3.21 and later are not affected. Administrators should apply the patch corresponding to their current release train. Refer to the GitHub Enterprise Release Notes 3.17.17, 3.18.11, 3.19.8, and 3.20.4 for upgrade instructions.
Workarounds
- No official workaround has been published; patching is the required remediation path.
- If immediate patching is not possible, restrict instance access to trusted authenticated users and tighten account provisioning to reduce the pool of potential attackers.
- Consider temporarily disabling Copilot pull request features on the instance, if feasible, until the upgrade can be scheduled.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

