2 matches found
SUSE CVE-2026-25963
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet's certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...
Fleet: Authorization Bypass in certificate template batch deletion for team administrators
Summary A broken authorization check in Fleet’s certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Impact Fleet supports certificate templates that are scoped to individual teams. In affected...