CVE-2026-24899 | fleetdm fleet up to 4.81.x JWKS Endpoint authentication spoofing (GHSA-ffg9-j72f-j6xm)

A vulnerability labeled as critical has been found in fleetdm fleet up to 4.81.x. Affected by this vulnerability is an unknown functionality of the component JWKS Endpoint. Such manipulation leads to authentication bypass by spoofing.

This vulnerability is listed as CVE-2026-24899. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More