CVE-2026-23998

Fleet is open source device management software. Prior to version 4.81.0, a vulnerability in Fleet’s Windows MDM management endpoint could allow requests to be processed without proper client certificate validation. In certain circumstances, this could allow an attacker to impersonate an enrolled...

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained security...

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, and MDM operations. Versions of Fleet prior to 4.82.0 contained security...

Fleet Denial of Service Vulnerability (CNVD-2026-16892)

Fleet is Fleet Device Management open source a device management platform that supports a wide range of operating systems and devices to help IT and security teams with device management, vulnerability reporting, MDM and more. A denial of service vulnerability exists in Fleet versions prior to...

CVE-2026-26060

Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic could allow previously issued password reset tokens to remain valid after a user changes their password. As a result, a stale password reset token could be reused to reset the...

PT-2026-28631

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.81.1 Description Fleet, an open source device management software, contains an issue in its Windows MDM command processing. A malicious enrolled device can access MDM commands intended for other devices. This could...

Fleet 授权问题漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.81.0 contained a...

Fleet 安全漏洞

Fleet is Fleet Device Management open source a device management platform that supports a wide range of operating systems and devices to help IT and security teams with device management, vulnerability reporting, MDM and more. A denial of service vulnerability exists in Fleet versions prior to...

Fleet 代码问题漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.81.0 contained code...

EUVD-2026-8826

Fleet: Device lock PIN can be predicted if lock time is known...

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained security...

PT-2026-22054

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.80.1 Description Fleet is open source device management software. A SQL injection issue exists due to unsafe use of goqu.I when constructing the ORDER BY clause. This allows authenticated users to inject arbitrary SQL...

CVE-2025-27509

fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...

CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation

fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...