Package impact
Go / github.com/fleetdm/fleet/v4
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-46356 | high | 7.5 | 7.5 | 14d ago | Fleet: IP spoofing allows bypassing API rate limiting | |
| CVE-2026-24899 | high | 7.5 | 7.5 | 14d ago | Fleet Windows MDM Azure AD JWT Authentication Bypass | |
| CVE-2026-23998 | high | 7.5 | 7.5 | 14d ago | Fleet has a Windows MDM management endpoint authentication bypass | |
| CVE-2026-26062 | medium | 6.5 | 6.5 | 14d ago | Fleet server may terminate unexpectedly when handling certain gRPC requests | |
| CVE-2026-24000 | medium | 5.3 | 5.3 | 14d ago | Fleet has a rate limiting bypass via untrusted client IP headers |