CVE-2026-34387 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to…
Medium CVSS: 5.7

CVE-2026-34387

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on managed hosts when an uninstall is triggered for a crafted software package. Version 4.81.1 patches the issue.
Vendor
-
Product
-
CWE
CWE-78
Yayın Tarihi
2026-03-27 19:16:43
Güncelleme
2026-03-30 13:26:29
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-78 MEDIUM 2026

Referanslar

https://github.com/fleetdm/fleet/security/advisories/GHSA-7rhw-5mpv-gp4h