CVE-2026-3307 — An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated by — CVE Database · The Intelligence Room