CVE-2026-59831
Undergoing Analysis Undergoing Analysis - In Progress

Command Execution in GitHub CLI via Malicious Codespace

Vulnerability report for CVE-2026-59831, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: GitHub, Inc.

Description

GitHub CLI (gh) is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopback HTTP or HTTPS address, allowing a crafted vscode:// or vscode-insiders:// URL to be handed to VS Code. This issue is fixed in version 2.96.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
github github_cli From 2.10.0 (inc) to 2.95.0 (inc)
github github_cli 2.96.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-829 The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in GitHub CLI (gh) versions 2.10.0 through 2.95.0 when using the command 'gh codespace jupyter' to connect to a Codespace. The command opens a JupyterLab URL provided by a process inside the Codespace without verifying that the URL is a loopback HTTP or HTTPS address. Because of this lack of validation, a malicious actor can supply a crafted vscode:// or vscode-insiders:// URL that gets handed off to Visual Studio Code, potentially allowing command execution.

The issue is resolved in version 2.96.0 of GitHub CLI.

Impact Analysis

This vulnerability can allow an attacker to execute commands on your system by tricking the GitHub CLI into opening a malicious URL through Visual Studio Code. This could lead to unauthorized actions or compromise of your environment when connecting to a malicious Codespace.

Mitigation Strategies

To mitigate this vulnerability, upgrade the GitHub CLI (gh) tool to version 2.96.0 or later, where the issue is fixed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-59831. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart