Access Control Flaw in GitHub MCP Server Affects User Privacy
CVE-2026-48529

6.0 MEDIUM

Key Information:

Vendor
GitHub

CVE Published:
26 June 2026

What is CVE-2026-48529?

The GitHub MCP Server contains an access control vulnerability caused by a process-global singleton that is initialized once, with the credentials of the first user to authenticate, and then reused for the lifetime of the process. When a single server process handles requests from more than one user, later requests are served through that shared singleton, so sensitive GraphQL queries execute under the first user's credentials instead of the token supplied with the current request. A request can therefore reach resources its own token was never authorized for, and data belonging to the first user can be exposed to other callers. The flaw affects versions 0.22.0 through 1.1.1 and is fixed in version 1.1.2.
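
The following Go program is an added illustration and is not code from the GitHub MCP Server project. It reconstructs the pattern the advisory describes (a process-wide client created once, from whatever token the first request carried) next to the per-request construction that closes the hole, and adds the check a reviewer or test would want: a function that flags any request whose query ran under a token other than its own. All type names, function names and token values are hypothetical and constructed for the example.

```go
package main

import (
	"fmt"
	"sync"
)

// Request is one inbound MCP call with the caller's own GitHub token.
// Token values used below are constructed placeholders, not real credentials.
type Request struct {
	User  string
	Token string
}

// graphqlClient stands in for the real GraphQL client. It records the bearer
// token it was built with so we can see whose identity each query runs under.
type graphqlClient struct {
	token string
}

// Query simulates executing a GraphQL query and returns the token that would
// have been sent in the Authorization header.
func (c *graphqlClient) Query(query string) string {
	return c.token
}

// SharedClientSingleton reproduces the flawed pattern described in the
// advisory (hypothetical reconstruction, not the project's code): a
// process-wide client created once, from the first request's token.
type SharedClientSingleton struct {
	once   sync.Once
	client *graphqlClient
}

// Get returns the shared client. Only the FIRST caller's token is ever used;
// every later caller's token is silently ignored.
func (s *SharedClientSingleton) Get(token string) *graphqlClient {
	s.once.Do(func() {
		s.client = &graphqlClient{token: token}
	})
	return s.client
}

// ServeVulnerable routes requests through the singleton and reports which
// token each query actually executed under.
func ServeVulnerable(s *SharedClientSingleton, reqs []Request) []string {
	used := make([]string, 0, len(reqs))
	for _, r := range reqs {
		used = append(used, s.Get(r.Token).Query("query { viewer { login } }"))
	}
	return used
}

// ServeHardened builds the client from the current request's token on every
// call, so no request can borrow another user's credentials.
func ServeHardened(reqs []Request) []string {
	used := make([]string, 0, len(reqs))
	for _, r := range reqs {
		c := &graphqlClient{token: r.Token}
		used = append(used, c.Query("query { viewer { login } }"))
	}
	return used
}

// CrossUserLeaks returns the indexes of requests whose query ran under a
// token other than the one the request itself supplied.
func CrossUserLeaks(reqs []Request, used []string) []int {
	var leaks []int
	for i, r := range reqs {
		if i < len(used) && used[i] != r.Token {
			leaks = append(leaks, i)
		}
	}
	return leaks
}

func main() {
	reqs := []Request{ // constructed sample traffic from two different users
		{User: "alice", Token: "tok-alice"},
		{User: "bob", Token: "tok-bob"},
	}
	vuln := ServeVulnerable(&SharedClientSingleton{}, reqs)
	fmt.Println("vulnerable:", vuln, "leaks at", CrossUserLeaks(reqs, vuln))
	safe := ServeHardened(reqs)
	fmt.Println("hardened:  ", safe, "leaks at", CrossUserLeaks(reqs, safe))
}
```

The same failure mode applies to any lazily initialized global that captures per-request state: a sync.Once, an init-time cache or a connection pool that is not keyed on the credential will hand the first caller's identity to everyone who follows. Derive the client from the request, or key any shared cache on the credential itself, and cover the two-user case in a test.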

Affected Version(s)

github-mcp-server >= 0.22.0, < 1.1.2


CVSS V3.1

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
Score: 6.0
Severity: MEDIUM
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: Low

Timeline

  • Vulnerability reserved

  • Vulnerability published: 26 June 2026