Security Advisory

CVE-2026-34387

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-27 18:31:27

Last updated 2026-03-27 19:31:54

Assigner GitHub_M

State PUBLISHED

Description

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleets software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on managed hosts when an uninstall is triggered for a crafted software package. Version 4.81.1 patches the issue.

← Browse all CVEs View on cve.org ↗