Lucene search
K

4 matches found

CVE
CVE
added 7 hours ago14 views

CVE-2026-44938

CVE-2026-44938 affects Fleet’s agent-side deployer, which did not filter security‑sensitive keys from namespaceLabels when applying them to a target namespace. An attacker with git push access to a Fleet-monitored repo could overwrite Pod Security Standards (PSS) enforcement labels, weakening adm...

8.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 6 days ago4 views

GHSA-864G-863M-VCVQ Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

Impact A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a...

8.8CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-41085

Improper Input Validation CWE-20 in Kibana can lead to a denial of service via Input Data Manipulation CAPEC-153. An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-54866

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description Improper input validation in the Fleet policy management functionality allows an authenticated user to submit specially crafted input. This can lead to a denial of service, rendering the Fleet...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References5
Rows per page
Query Builder