Package impact
GO / github.com/fleetdm/fleet/v4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-26191 | critical | 9.8 | 9.8 | 14d ago | Fleet vulnerable to OS command injection in software packages | |||
| CVE-2026-46356 | high | 7.5 | 7.5 | 14d ago | Fleet: IP spoofing allows bypassing API rate limiting | |||
| CVE-2026-24899 | high | 7.5 | 7.5 | 14d ago | Fleet Windows MDM Azure AD JWT Authentication Bypass | |||
| CVE-2026-23998 | high | 7.5 | 7.5 | 14d ago | Fleet has a Windows MDM management endpoint authentication bypass | |||
| CVE-2026-26062 | medium | 6.5 | 6.5 | 14d ago | Fleet server may terminate unexpectedly when handling certain gRPC requests | |||
| CVE-2026-24000 | medium | 5.3 | 5.3 | 14d ago | Fleet has a rate limiting bypass via untrusted client IP headers |