CVE-2026-26191 | fleetdm fleet up to 4.81.0 os command injection (GHSA-9vcr-g537-3w5v)

May 15, 2026 Yanac

A vulnerability described as critical has been identified in fleetdm fleet up to 4.81.0. This affects an unknown part. Executing a manipulation can lead to os command injection.

This vulnerability is registered as CVE-2026-26191. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More

CVE-2026-26062 | fleetdm fleet up to 4.80.x gRPC Endpoint denial of service (GHSA-x67p-9m2r-fxqv)
CVE-2026-24000 | fleetdm fleet up to 4.80.0 Device Management authentication spoofing (GHSA-j8h8-75h3-jg53)