Vendor

FleetDM

3 briefs RSS

Fleet Server gRPC PublishLogs Endpoint Denial-of-Service Vulnerability (CVE-2026-26062)

Fleet server versions prior to 4.81.0 are vulnerable to a denial-of-service (DoS) via the gRPC Launcher `PublishLogs` endpoint, where unexpected input values can cause the server process to terminate upon receiving a crafted request from an authenticated Launcher host.

fleet/v4 denial-of-service grpc fleet github advisory

2r 1t 1i 57m ago

high threat

Fleet Windows MDM Management Endpoint Authentication Bypass Vulnerability

2 rules 2 TTPs 1 IOC

CVE-2026-23998 describes a vulnerability in Fleet's Windows MDM management endpoint that allows requests to be processed without proper client certificate validation, potentially allowing an attacker to impersonate a device and retrieve sensitive configuration data.

fleet authentication-bypass credential-access mdm

2r 2t 1i 1h ago

high threat

Fleet Windows MDM Azure AD JWT Authentication Bypass Vulnerability

2 rules 2 TTPs 1 IOC

A vulnerability in Fleet versions prior to 4.82.0 allows authentication tokens from any Azure AD tenant to be accepted, enabling unauthorized device enrollment and MDM API access due to improper JWT signature validation, tracked as CVE-2026-24899.

fleetdm/fleet/v4 +1 jwt azuread authentication bypass mdm fleetdm

2r 2t 1i 1h ago