Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2026/06/12 9:0 p.m.14 views

Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service APNS tokens — through a...

5.5AI score0.00019EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/12 9:0 p.m.5 views

GHSA-X4QR-QW6H-WVXQ Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service APNS tokens — through a...

6.5CVSS5.5AI score0.00019EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/12 9:0 p.m.13 views

Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...

5.4AI score0.00032EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/12 9:0 p.m.6 views

GHSA-VXM7-9X8V-8GM4 Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...

6.5CVSS5.4AI score0.00032EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 8:17 p.m.10 views

CVE-2026-24899

Fleet is open source device management software. Prior to version 4.82.0, a vulnerability in Fleet's Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. Because Fleet validates JWT signatures using Microsoft's multi-tenant JWKS endpoint but does not...

8.2CVSS0.00381EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/27 6:29 p.m.20 views

CVE-2026-34385 Fleet's Apple MDM profile delivery has second-order SQL injection that can compromise the database

Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user...

8.6CVSS0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/08/25 12:0 a.m.10 views

PT-2021-22797 · Primekey · Primekey Ejbca

Name of the Vulnerable Software and Affected Versions: PrimeKey EJBCA versions prior to 7.6.0 Description: An issue was discovered where modifications to enrollment secrets in the alias configurations of certain protocols were logged in cleartext in the audit log. This affects the use of protocol...

4CVSS3.8AI score0.00412EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/08/25 12:0 a.m.4 views

Primekey Solutions PrimeKey EJBCA 安全漏洞

Primekey Solutions PrimeKey EJBCA is a full-featured CA system software from PrimeKey Solutions Primekey Solutions, Sweden. The software is used for domain certificate management, enrollment and enrollment-to-certificate validation and other functions to achieve access security. A security...

4CVSS5AI score0.00412EPSS
Exploits0References1
Rows per page
Query Builder