
11 matches found

Github Security Blog
added 2026/06/12 9:00 p.m., 13 views

Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary: A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service (APNS) tokens — through a...

AI score 5.5 | EPSS 0.00019 | Exploits 0 | References 2 | Affected software 1
OSV
added 2026/06/12 9:00 p.m., 5 views

GHSA-X4QR-QW6H-WVXQ Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary: A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service (APNS) tokens — through a...

CVSS 6.5 | AI score 5.5 | EPSS 0.00019 | Exploits 0 | References 2
SUSE CVE
added 2026/03/25 12:27 a.m., 2 views

SUSE CVE-2026-26186

Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input...

CVSS 8.8 | AI score 6.2 | EPSS 0.00301 | Exploits 0 | References 3
Github Security Blog
added 2026/02/26 3:14 p.m., 10 views

Fleet has an SQL Injection vulnerability via backtick escape in ORDER BY parameter

Summary: A SQL Injection vulnerability in Fleet’s software versions API allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input could escape identifier quoting and b...

CVSS 8.8 | AI score 6.2 | EPSS 0.00301 | Exploits 0 | References 4 | Affected software 1
ATTACKERKB
added 2026/02/26 12:05 a.m., 3 views

CVE-2026-26186

Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input...

CVSS 8.8 | AI score 6 | EPSS 0.00301 | Exploits 0 | References 2 | Affected software 1
Cvelist
added 2026/02/26 12:05 a.m., 20 views

CVE-2026-26186 Fleet has a SQL injection via backtick escape in ORDER BY parameter

Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input...

CVSS 7.2 | EPSS 0.00301 | Exploits 0 | References 1
CVE
added 2026/02/26 12:05 a.m., 23 views

CVE-2026-26186

Fleet is affected by a SQL injection in versions prior to 4.80.1. The flaw stems from unsafe use of goqu.I() while building the ORDER BY clause, allowing an authenticated user to inject arbitrary SQL expressions via the order_key parameter. This can enable blind SQL injection techniques to disclo...

CVSS 8.8 | AI score 6 | EPSS 0.00301 | Exploits 0 | References 1 | Affected software 1
OSV
added 2026/02/26 12:05 a.m., 5 views

CVE-2026-26186 Fleet has a SQL injection via backtick escape in ORDER BY parameter

Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input...

CVSS 7.2 | AI score 6.2 | EPSS 0.00301 | Exploits 0 | References 3
CNNVD
added 2026/02/26 12:00 a.m., 6 views

Fleet SQL injection vulnerability

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained a SQL...

CVSS 8.8 | AI score 7.3 | EPSS 0.00301 | Exploits 0 | References 1
Positive Technologies
added 2026/02/26 12:00 a.m., 5 views

PT-2026-22054

Name of the Vulnerable Software and Affected Versions: Fleet versions prior to 4.80.1. Description: Fleet is open source device management software. A SQL injection issue exists due to unsafe use of goqu.I when constructing the ORDER BY clause. This allows authenticated users to inject arbitrary SQL...

CVSS 9.9 | AI score 6 | EPSS 0.22162 | Exploits 68 | References 138
wpexploit
added 2024/04/01 12:00 a.m., 159 views

Tickera < 3.5.2.5 - Ticket leakage through IDOR

Description: The plugin does not prevent users from leaking other users' tickets. After a user has bought a ticket, an example of a ticket would look like https://www.website.com/?downloadticket=1&orderkey=1234567890&downloadticketnonce=ab903b7c71, but due to missing validation, the URL can be...

AI score 6.8 | EPSS 0.00515 | Exploits 2