CVE-2026-34388
Published 2026-03-27
Priority: P3 (41) | Severity: high | CVSS 3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.26% (17.6th percentile)
Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server process by sending an unexpected log type value. The server terminates immediately, disrupting all connected hosts, MDM enrollments, and API consumers. Version 4.81.0 patches the issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fleetdm | fleet | < 4.81.0 | 4.81.0 |
| github.com | fleetdm_fleet_v4 | >= 0 < 4.81.0 | 4.81.0 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v4.0 | 6.6 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
OSV
Fleet vulnerable to Denial of Service via unhandled gRPC log type in launcher endpoint in github.com/fleetdm/fleet
osv·2026-04-02
CVE-2026-34388 Fleet vulnerable to Denial of Service via unhandled gRPC log type in launcher endpoint in github.com/fleetdm/fleet
OSV
Fleet vulnerable to Denial of Service via unhandled gRPC log type in launcher endpoint
osv·2026-03-30
CVE-2026-34388 [MEDIUM] Fleet vulnerable to Denial of Service via unhandled gRPC log type in launcher endpoint
### Summary
A Denial of Service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server process by sending an unexpected log type value. The server terminates immediately, disrupting all connected hosts, MDM enrollments, and API consumers.
### Impact
An attacker with access to a valid Launcher node key can send a specially crafted gRPC request to the Fleet server that triggers an unrecoverable server crash. The gRPC server lacks appropriate error recovery handling, meaning the entire Fleet process terminates rather than gracefully rejecting the malformed input.
Because the crash is instant and repeatable, an attacker could script repeated request
GHSA
Fleet vulnerable to Denial of Service via unhandled gRPC log type in launcher endpoint
ghsa·2026-03-30
CVE-2026-34388 [MEDIUM] CWE-703 Fleet vulnerable to Denial of Service via unhandled gRPC log type in launcher endpoint
No detection rules found.
No public exploits indexed.