Product

Fleet

3 briefs RSS

Fleet Server gRPC PublishLogs Endpoint Denial-of-Service Vulnerability (CVE-2026-26062)

Fleet server versions prior to 4.81.0 are vulnerable to a denial-of-service (DoS) via the gRPC Launcher `PublishLogs` endpoint, where unexpected input values can cause the server process to terminate upon receiving a crafted request from an authenticated Launcher host.

fleet/v4 denial-of-service grpc fleet github advisory

2r 1t 1i May 14, 2026

high threat

Fleet Windows MDM Management Endpoint Authentication Bypass Vulnerability

2 rules 2 TTPs 1 IOC

CVE-2026-23998 describes a vulnerability in Fleet's Windows MDM management endpoint that allows requests to be processed without proper client certificate validation, potentially allowing an attacker to impersonate a device and retrieve sensitive configuration data.

fleet authentication-bypass credential-access mdm

2r 2t 1i May 14, 2026

critical advisory

Rancher Fleet Helm Impersonation Bypass Vulnerability

2 rules 1 TTP

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`.

Fleet +5 rancher helm kubernetes impersonation privilege-escalation cve-2026-41050

2r 1t May 7, 2026