CVE-2025-6981 – GitHub Enterprise Server Unauthorized Read Access Vulnerability

July 16, 2025

CVE ID : CVE-2025-6981

Published : July 15, 2025, 9:15 p.m. | 5 hours, 38 minutes ago

Description : An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.18 and was fixed in versions 3.14.15, 3.15.10, 3.16.6 and 3.17.3

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleApache Tomcat Coyote Vulnerability Let Attackers Trigger DoS Attack

Next Article CVE-2025-53906 – Vim Zip File Path Traversal Vulnerability

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

JetBrains updates Junie, Gemini API adds embedding model, and more – Daily News Digest

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

The cheapest place to get my games just got even cheaper — get an extra 10% off while you can

Destiny 2: The Edge of Fate reviews open ‘Mixed’ on Steam, with a player count only a fraction of The Final Shape’s — I’m surprised it’s this low after a new expansion

A rare opportunity is here to get an HP gaming laptop for only $500 — NVIDIA RTX graphics and a 144Hz display at a bargain price

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

The cheapest place to get my games just got even cheaper — get an extra 10% off while you can

Destiny 2: The Edge of Fate reviews open ‘Mixed’ on Steam, with a player count only a fraction of The Final Shape’s — I’m surprised it’s this low after a new expansion

CVE-2025-6981 – GitHub Enterprise Server Unauthorized Read Access Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

AI and Machine Learning in Selenium Testing: Revolutionizing Test Automation

NVIDIA RTX GPUs can’t get past the ‘Hell Is Us’ demo intro without crashing — developer offers a temporary fix

CVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

Prompt Engineering for Web Development

Google’s New AI “Little Language Experiments” Teaches You to Talk Like a Local

Critical Flaws in Phoenix Contact EV Charging Controllers Expose Infrastructure to Remote Code Execution and Unauthorized Access

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC

Lenovo Just Launched the Gemini-powered Chromebook Plus 14 with “Select to Search” and These Features

CVE-2025-6981 – GitHub Enterprise Server Unauthorized Read Access Vulnerability

Related Posts