
Github.Com Fleetdm Fleet V4 vulnerabilities

28 known vulnerabilities affecting github.com/fleetdm_fleet_v4.

Total CVEs: 28
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 8, MEDIUM 18, UNKNOWN 1

Vulnerabilities

Page 2 of 2
CVE-2026-26062 | P3 | HIGH | Affected versions: ≥ 0, < 4.81.0 | Published: 2026-05-14
CVE-2026-26062 [HIGH] CWE-20 Fleet server may terminate unexpectedly when handling certain gRPC requests. Summary: Fleet contained a denial-of-service (DoS) issue in the gRPC Launcher `PublishLogs` endpoint. In affected versions, certain unexpected input values were not handled gracefully, which could cause the Fleet server process to terminate while processing an authenticated request from an enrolled Launcher host.
Sources: GHSA
CVE-2022-23600 | P3 | MEDIUM | Affected versions: ≥ 0, < 4.9.1 | Published: 2022-02-07
CVE-2022-23600 [MEDIUM] CWE-284 Limited ability to spoof SAML authentication with missing audience verification in Fleet. Impact: This impacts deployments using SAML SSO in two specific cases: 1. A malicious or compromised Service Provider (SP) could reuse the SAML response to log into Fleet as a user -- only if the user has an account with the same email in Fleet, _and_ the user signs into the maliciou
Sources: GHSA, OSV
CVE-2026-24004 | P3 | MEDIUM | Affected versions: ≥ 0, < 4.80.1 | Published: 2026-02-26
CVE-2026-24004 [MEDIUM] CWE-306 Fleet: Unauthenticated Android device disenrollment vulnerability via Pub/Sub endpoint. Summary: A vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet management. Impact: If Android MDM is enabled, an attacker cou
Sources: GHSA, OSV
CVE-2026-22808 | P3 | MEDIUM | Affected versions: ≥ 0, < 4.43.5-0.20260111020427-0e6c790803d1 | Published: 2026-01-20
CVE-2026-22808 [MEDIUM] CWE-79 Fleet Windows MDM endpoint has a Cross-site Scripting vulnerability. Summary: A cross-site scripting (XSS) vulnerability in Fleet’s Windows MDM authentication flow could allow an attacker to compromise a Fleet user account. In certain cases, this could lead to administrative access and the ability to perform privileged actions on managed devices. Impact: If Windows MDM is enabled, an attac
Sources: GHSA, OSV
CVE-2026-23999 | P4 | MEDIUM | Affected versions: ≥ 0, < 4.80.1 | Published: 2026-02-26
CVE-2026-23999 [MEDIUM] CWE-330 Fleet: Device lock PIN can be predicted if lock time is known. Summary: Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if the approximate time the device was locked is known. Impact: Fleet’s device lock and wipe commands genera
Sources: GHSA, OSV
CVE-2026-41262 | MEDIUM | Affected versions: ≥ 0, < 4.85.0 | Published: 2026-06-26
CVE-2026-41262 [MEDIUM] CWE-863 Fleet DM Vulnerable to Cross-Team Policy Data Exposure via Global Policy Read Endpoint. Summary: The global policy read endpoint (`GET /api/latest/fleet/policies/{policy_id}`) performs authorization against an empty `fleet.Policy{}` struct with nil TeamID, then fetches any policy by ID from the database without verifying the fetched policy actually belongs to the global scope
Sources: GHSA
CVE-2026-46371 | MEDIUM | Affected versions: ≥ 0, < 4.84.2 | Published: 2026-06-12
CVE-2026-46371 [MEDIUM] CWE-200 Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint. Summary: A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification
Sources: GHSA
CVE-2026-46370 | MEDIUM | Affected versions: ≥ 0, < 4.84.2 | Published: 2026-06-12
CVE-2026-46370 [MEDIUM] CWE-200 Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint. Summary: A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets (`node_key`, `orbit_node_key`) through a cursor-based binary search oracle. The end
Sources: GHSA