RCE in Fleetdm Fleet

CVE-2026-34387

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.001 (32.1th percentile) — read the EPSS interpretation.