CVE-2026-5921 — A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing sid — CVE Database · The Intelligence Room