CVE-2026-1999 — An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting — CVE Database · The Intelligence Room