Product
high
threat
Fleet Windows MDM Azure AD JWT Authentication Bypass Vulnerability
2 rules 2 TTPs 1 IOCA vulnerability in Fleet versions prior to 4.82.0 allows authentication tokens from any Azure AD tenant to be accepted, enabling unauthorized device enrollment and MDM API access due to improper JWT signature validation, tracked as CVE-2026-24899.
fleetdm/fleet/v4 +1
jwt
azuread
authentication
bypass
mdm
fleetdm
2r
2t
1i
high
threat
phpMyFAQ SQL Injection via Unescaped OAuth Token
2 rules 1 TTPphpMyFAQ is vulnerable to SQL injection due to the `setTokenData` function failing to sanitize OAuth token fields from Azure AD JWT claims, potentially allowing attackers to execute arbitrary SQL commands via crafted Azure AD display names or custom claims.
phpMyFAQ <= 4.1.1 +1
sql-injection
oauth
phpmyfaq
2r
1t