CVE-2026-34391 Fleet Vulnerable to Windows MDM cross-device command disclosure

Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets...

CVE-2026-23518

Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to submit forged authentication tokens that are not properly validated. Because JWT signatures were not...

EUVD-2020-12281

Malware in sbrugna...

EUVD-2020-12084

Malware in sbrugna...

EUVD-2020-2455

Malware in sbrugna...

EUVD-2020-2324

Malware in sbrugna...

EUVD-2020-12207

Malware in sbrugna...

EUVD-2022-27146

Malicious code in bioql PyPI...

CVE-2020-1405

An elevation of privilege vulnerability exists when Windows Mobile Device Management MDM Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1372...

CVE-2020-0854

An elevation of privilege vulnerability exists when Windows Mobile Device Management MDM Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'...

CVE-2020-1330

An information disclosure vulnerability exists when Windows Mobile Device Management MDM Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'...

CVE-2020-1204

An elevation of privilege vulnerability exists when Windows Mobile Device Management MDM Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'...

The vulnerability of Windows Mobile Device Management for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of Windows Mobile Device Management for Windows operating systems is related to improper code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2022-21992

Windows Mobile Device Management Remote Code Execution Vulnerability...

CVE-2021-43880 Windows Mobile Device Management Elevation of Privilege Vulnerability

...

CVE-2021-24084

Windows Mobile Device Management Information Disclosure Vulnerability...

Windows Mobile Device Management Information Disclosure Vulnerability

...

CVE-2020-1405

An elevation of privilege vulnerability exists when Windows Mobile Device Management MDM Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1372...

CVE-2020-1330

An information disclosure vulnerability exists when Windows Mobile Device Management MDM Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'...

KB4538461: Windows 10 Version 1809 and Windows Server 2019 March 2020 Security Update

The remote Windows host is missing security update 4538461. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations. An attacker who successfully exploited this vulnerability...