cvedb.io
CVE-2026-34388
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2026-03-27T20:16:35.800 · Last modified 2026-06-17T10:38:59.743

Summary

Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server process by sending an unexpected log type value. The server terminates immediately, disrupting all connected hosts, MDM enrollments, and API consumers. Version 4.81.0 patches the issue.

Affected products

fleetdm — fleet

Does this affect you?

Add your gear to cvedb and we'll alert you only when fleetdm ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.