Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information. Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fleet server may terminate unexpectedly when handling certain gRPC requests
Vulnerability Description
Fleet is open source device management software. Prior to version 4.81.0, Fleet contained a denial-of-service (DoS) issue in the gRPC Launcher `PublishLogs` endpoint. In affected versions, certain unexpected input values were not handled gracefully, which could cause the Fleet server process to terminate while processing an authenticated request from an enrolled Launcher host. An authenticated attacker with access to any enrolled Launcher node key could cause an immediate and complete denial of service by sending a single gRPC request to the `PublishLogs` endpoint.

This vulnerability impacts availability only. There is no exposure of sensitive data, no authentication bypass, no privilege escalation, and no integrity impact. Version 4.81.0 contains a patch.

If upgrading immediately is not possible, the following mitigations can reduce exposure: restrict network access to the Fleet gRPC endpoint where feasible (for example, limiting inbound access to known host IP ranges); deploy Fleet behind infrastructure that terminates or filters gRPC traffic if Launcher log ingestion is not required; and/or monitor for repeated Fleet process crashes or unexpected restarts indicating potential exploitation.
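The failure mode described above, an unrecovered panic in a request handler taking down the whole server process, is what the following added example illustrates from the defender's side. It is not Fleet's code: the `PublishLogsRequest`, `LogEntry` and `PublishLogsResponse` types, the `LogType` range, the handler names and the `unaryHandler` signature are all hypothetical stand-ins chosen to mirror the shape of a gRPC unary handler without pulling in the gRPC module. It shows a fragile handler that trusts every field, the same handler hardened with explicit validation that returns an error instead of panicking, and a recovery interceptor that turns any remaining panic into a per-request error so one malformed request cannot terminate the process.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// Hypothetical message types standing in for generated protobuf structs;
// they are not Fleet's real PublishLogs types.
type LogEntry struct {
	Key   string
	Value string
}

type PublishLogsRequest struct {
	NodeKey string
	LogType int32       // hypothetical enum: 0 = status, 1 = result
	Logs    []*LogEntry // slots may arrive nil from a malformed message
}

type PublishLogsResponse struct {
	Accepted int
}

// unaryHandler mirrors the shape of a gRPC unary handler (ctx, req) -> (resp, err).
type unaryHandler func(ctx context.Context, req interface{}) (interface{}, error)

var errInvalidArgument = errors.New("invalid argument")

// fragilePublishLogs trusts every field of the request. An out-of-range
// LogType or a nil entry in Logs panics; in a real server an unrecovered
// panic in a handler goroutine terminates the entire process.
func fragilePublishLogs(_ context.Context, req interface{}) (interface{}, error) {
	r := req.(*PublishLogsRequest)
	buckets := []string{"status", "result"}
	bucket := buckets[r.LogType] // index out of range for unknown types
	accepted := 0
	for _, e := range r.Logs {
		_ = bucket + ":" + e.Key // nil pointer dereference on a nil entry
		accepted++
	}
	return &PublishLogsResponse{Accepted: accepted}, nil
}

// validatePublishLogs rejects unexpected values before they reach any
// processing logic and returns an ordinary error the transport can map
// to a status code for that one caller.
func validatePublishLogs(r *PublishLogsRequest) error {
	if r == nil {
		return fmt.Errorf("%w: nil request", errInvalidArgument)
	}
	if r.NodeKey == "" {
		return fmt.Errorf("%w: missing node key", errInvalidArgument)
	}
	if r.LogType < 0 || r.LogType > 1 {
		return fmt.Errorf("%w: unknown log type %d", errInvalidArgument, r.LogType)
	}
	for i, e := range r.Logs {
		if e == nil {
			return fmt.Errorf("%w: log entry %d is nil", errInvalidArgument, i)
		}
	}
	return nil
}

// hardenedPublishLogs is the same endpoint with validation in front of it.
func hardenedPublishLogs(_ context.Context, req interface{}) (interface{}, error) {
	r, ok := req.(*PublishLogsRequest)
	if !ok {
		return nil, fmt.Errorf("%w: unexpected message type %T", errInvalidArgument, req)
	}
	if err := validatePublishLogs(r); err != nil {
		return nil, err
	}
	return &PublishLogsResponse{Accepted: len(r.Logs)}, nil
}

// withRecovery is defence in depth: whatever the wrapped handler does, a
// panic becomes an error for this request instead of a crash of the server.
func withRecovery(next unaryHandler) unaryHandler {
	return func(ctx context.Context, req interface{}) (resp interface{}, err error) {
		defer func() {
			if rec := recover(); rec != nil {
				// Operators still see the fault; the process keeps serving.
				fmt.Printf("recovered panic in handler: %v\n", rec)
				resp, err = nil, fmt.Errorf("internal error: %v", rec)
			}
		}()
		return next(ctx, req)
	}
}

func main() {
	// Constructed sample request with an unexpected LogType value.
	bad := &PublishLogsRequest{NodeKey: "constructed-node-key", LogType: 7}
	_, err := withRecovery(fragilePublishLogs)(context.Background(), bad)
	fmt.Println("fragile handler behind recovery:", err)
	_, err = hardenedPublishLogs(context.Background(), bad)
	fmt.Println("hardened handler:", err)
}
```

The two layers are complementary: validation gives the client a precise `invalid argument` error and keeps the log ingestion path honest, while the recovery wrapper covers whatever validation did not anticipate. Repeated entries in the recovery log are also the signal the advisory's monitoring mitigation looks for, so emit them in a form your alerting can count.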
CVSS Information
N/A
Vulnerability Type
Improper Input Validation
Vulnerability Title
Fleet Input Validation Error Vulnerability
Vulnerability Description
Fleet is an open-source device management platform from Fleet Device Management that supports multiple operating systems and devices and helps IT and security teams with device management, vulnerability reporting, MDM and related operations. Fleet versions prior to 4.81.0 contain an input validation vulnerability: the gRPC Launcher `PublishLogs` endpoint does not gracefully handle certain unexpected input values, which could allow an authenticated attacker to terminate the Fleet server process by sending a single gRPC request, causing a denial of service.
CVSS Information
N/A
Vulnerability Type
N/A