Known Vulnerabilities for products from Fleetdm
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Fleetdm".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34391 json | Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing a... | Not Provided | 2026-03-27 | 2026-04-02 |
| CVE-2026-34389 json | Fleet is open source device management software. Prior to 4.81.0, Fleet contained an issue in the user invitation flow where ... | Not Provided | 2026-03-27 | 2026-04-02 |
| CVE-2026-34388 json | Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher ... | Not Provided | 2026-03-27 | 2026-04-02 |
| CVE-2026-34387 json | Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software insta... | Not Provided | 2026-03-27 | 2026-04-07 |
| CVE-2026-34386 json | Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap pack... | Not Provided | 2026-03-27 | 2026-04-02 |
| CVE-2026-34385 json | Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple... | Not Provided | 2026-03-27 | 2026-04-07 |
| CVE-2026-29180 json | Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host trans... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-27806 json | Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation fl... | Not Provided | 2026-04-08 | 2026-04-14 |
| CVE-2026-26061 json | Fleet is open source device management software. Prior to 4.81.0, Fleet contained multiple unauthenticated HTTP endpoints tha... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-26060 json | Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic coul... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2022-24841 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-04-18 | 2022-04-27 |
| CVE-2022-23600 json | fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML a... | 6.5 - MEDIUM | 2022-02-04 | 2022-02-11 |
| CVE-2021-21296 json | Fleet is an open source osquery manager. In Fleet before version 3.7.0 a malicious actor with a valid node key can send a bad... | 2.7 - LOW | 2021-02-10 | 2022-10-21 |
| CVE-2020-26276 json | Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a... | 9.8 - CRITICAL | 2020-12-17 | 2020-12-18 |
Known software with vulnerabilities from Fleetdm
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Fleetdm | Fleet | 3.3.0 |