6 matches found
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...
CVE-2026-34387
Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root macOS/Linux or SYSTEM Windows on managed hosts when an uninstall is triggered for a crafted...
EUVD-2026-16758
Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root macOS/Linux or SYSTEM Windows on managed hosts when an uninstall is triggered for a crafted...