4.9
CVE-2026-29180 - Fleet's team maintainer can transfer hosts from any team via missing source team authorization
Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host transfer API allows a team maintainer to transfer hosts from any team into their own team, bypassing team isolation boundaries. Once transferred, the attacker gains full control o…
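Added example, not Fleet's own code: a hypothetical host-transfer function in Go (Fleet's language) that contrasts the flaw the advisory describes, authorizing only the destination team, with a version that also requires maintainer rights on every host's current team. Team IDs, the role model and the in-memory host store are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Role is a user's role on one team. Only the distinction that matters for
// the check is modelled; this is a hypothetical model, not Fleet's schema.
type Role string

const (
	RoleMaintainer Role = "maintainer"
	RoleObserver   Role = "observer"
)

// User holds per-team roles keyed by team ID (assumed numbering).
type User struct {
	Name  string
	Roles map[uint]Role
}

// Host records only the team the host currently belongs to.
type Host struct {
	ID     uint
	TeamID uint
}

var ErrForbidden = errors.New("forbidden")

// canMaintain reports whether u is a maintainer of teamID.
func (u User) canMaintain(teamID uint) bool {
	return u.Roles[teamID] == RoleMaintainer
}

// transferHostsVulnerable has the shape of the flaw in the advisory: only the
// destination team is authorized, so a maintainer of destTeam can pull hosts
// out of any other team.
func transferHostsVulnerable(u User, hosts map[uint]*Host, ids []uint, destTeam uint) error {
	if !u.canMaintain(destTeam) {
		return ErrForbidden
	}
	for _, id := range ids {
		h, ok := hosts[id]
		if !ok {
			return fmt.Errorf("host %d not found", id)
		}
		h.TeamID = destTeam
	}
	return nil
}

// transferHostsFixed authorizes both sides of the move: the caller must be a
// maintainer of the destination team and of every source team the selected
// hosts belong to. Nothing is mutated until every host has passed the check,
// so a batch mixing permitted and forbidden hosts is rejected whole.
func transferHostsFixed(u User, hosts map[uint]*Host, ids []uint, destTeam uint) error {
	if !u.canMaintain(destTeam) {
		return ErrForbidden
	}
	selected := make([]*Host, 0, len(ids))
	for _, id := range ids {
		h, ok := hosts[id]
		if !ok {
			return fmt.Errorf("host %d not found", id)
		}
		if !u.canMaintain(h.TeamID) {
			return ErrForbidden
		}
		selected = append(selected, h)
	}
	for _, h := range selected {
		h.TeamID = destTeam
	}
	return nil
}

// sampleFleet is constructed sample data: two teams with one host each.
func sampleFleet() map[uint]*Host {
	return map[uint]*Host{
		1: {ID: 1, TeamID: 10},
		2: {ID: 2, TeamID: 20},
	}
}

func main() {
	attacker := User{Name: "team20-maintainer", Roles: map[uint]Role{20: RoleMaintainer}}
	hosts := sampleFleet()
	fmt.Println("vulnerable:", transferHostsVulnerable(attacker, hosts, []uint{1}, 20), "host 1 now in team", hosts[1].TeamID)
	hosts = sampleFleet()
	fmt.Println("fixed:", transferHostsFixed(attacker, hosts, []uint{1}, 20), "host 1 still in team", hosts[1].TeamID)
}
```

The general rule the fixed version applies is that an operation which changes an object's owner must be authorized against the old owner and the new one; checking only the target scope is what lets a maintainer of one team reach across the isolation boundary.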
8.7
CVE-2026-26061 - Fleet's unbounded request body read allows remote Denial of Service
Fleet is open source device management software. Prior to 4.81.0, Fleet contained multiple unauthenticated HTTP endpoints that read request bodies without enforcing a size limit. An unauthenticated attacker could exploit this behavior by sending large or repeated HTTP payloads, causing excessive me…
6.0
CVE-2026-26060 - Fleet: Password reset tokens remain valid after password change for 24 hours
Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic could allow previously issued password reset tokens to remain valid after a user changes their password. As a result, a stale password reset token could be reused to reset the acco…
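Added example, not Fleet's code: a hypothetical in-memory account store in Go that contrasts the behaviour in the advisory, a password change that leaves earlier reset tokens usable, with a change that revokes every outstanding token for the user. Token format, storage layout and the use of SHA-256 for the password hash are assumptions made to keep the example short; a password KDF belongs in real code.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

var ErrInvalidToken = errors.New("invalid or expired reset token")

// resetEntry is one outstanding reset token, kept as a hash so that a leaked
// store does not yield usable tokens.
type resetEntry struct {
	userID  string
	expires time.Time
}

// Users is a hypothetical account store: current password hash per user and
// the reset tokens issued for them.
type Users struct {
	passwords map[string]string     // userID -> sha256(password); use a KDF in production
	resets    map[string]resetEntry // sha256(token) -> entry
	now       func() time.Time      // injectable clock for expiry checks
}

func NewUsers() *Users {
	return &Users{passwords: map[string]string{}, resets: map[string]resetEntry{}, now: time.Now}
}

func hashOf(s string) string {
	sum := sha256.Sum256([]byte(s))
	return hex.EncodeToString(sum[:])
}

// IssueResetToken returns a random token for userID valid for ttl.
func (u *Users) IssueResetToken(userID string, ttl time.Duration) (string, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	token := hex.EncodeToString(raw)
	u.resets[hashOf(token)] = resetEntry{userID: userID, expires: u.now().Add(ttl)}
	return token, nil
}

// setPasswordVulnerable mirrors the flaw: the password is updated but any
// reset token issued earlier stays valid until it expires.
func (u *Users) setPasswordVulnerable(userID, newPassword string) {
	u.passwords[userID] = hashOf(newPassword)
}

// setPasswordFixed changes the password and revokes every reset token issued
// for the user, so a token captured before the change cannot be replayed.
func (u *Users) setPasswordFixed(userID, newPassword string) {
	u.passwords[userID] = hashOf(newPassword)
	for h, e := range u.resets { // deleting during range is safe in Go
		if e.userID == userID {
			delete(u.resets, h)
		}
	}
}

// RedeemResetToken consumes a valid, unexpired token and sets the password
// through the fixed path, which also revokes any sibling tokens.
func (u *Users) RedeemResetToken(token, newPassword string) error {
	e, ok := u.resets[hashOf(token)]
	if !ok || u.now().After(e.expires) {
		return ErrInvalidToken
	}
	u.setPasswordFixed(e.userID, newPassword)
	return nil
}

func (u *Users) CheckPassword(userID, password string) bool {
	return u.passwords[userID] == hashOf(password)
}

func main() {
	u := NewUsers()
	tok, _ := u.IssueResetToken("alice", 24*time.Hour)
	u.setPasswordVulnerable("alice", "changed-by-user")
	fmt.Println("stale token after vulnerable change:", u.RedeemResetToken(tok, "attacker-chosen"))
	u = NewUsers()
	tok, _ = u.IssueResetToken("alice", 24*time.Hour)
	u.setPasswordFixed("alice", "changed-by-user")
	fmt.Println("stale token after fixed change:", u.RedeemResetToken(tok, "attacker-chosen"))
}
```

The same revocation should run on any event that proves the user has control of the account again (password change, reset completion), and tokens should be single-use; the 24-hour window in the advisory is exactly the gap a stale token lives in when neither happens.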
6.3
CVE-2025-15612 - Various uses of curl without verifying the authenticity of the SSL certificate, leading to MITM-RCE…
Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies or …
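Added example, not Wazuh's scripts: the same misconfiguration expressed in Go, where `tls.Config{InsecureSkipVerify: true}` plays the role of `curl -k`, beside a client that keeps verification on and trusts only an explicit CA (the equivalent of `curl --cacert`). The test server's self-signed certificate stands in for an on-path attacker's; the served payload is constructed.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// fetch downloads url with client and returns the body.
func fetch(client *http.Client, url string) ([]byte, error) {
	resp, err := client.Get(url)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	return io.ReadAll(resp.Body)
}

// insecureClient is the Go equivalent of `curl -k`: any certificate,
// including one minted by an on-path attacker, is accepted, so whatever the
// attacker serves is what gets installed.
func insecureClient() *http.Client {
	return &http.Client{Transport: &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // the weak setting
	}}
}

// pinnedClient keeps verification on but trusts only the certificates in
// roots, the equivalent of `curl --cacert ca.pem` for a private CA. Chain
// and hostname checks still run, so a substituted certificate is rejected.
func pinnedClient(roots *x509.CertPool) *http.Client {
	return &http.Client{Transport: &http.Transport{
		TLSClientConfig: &tls.Config{RootCAs: roots},
	}}
}

// startServer returns a TLS test server with a self-signed certificate that
// serves the constructed payload; it stands in for an untrusted endpoint.
func startServer(payload string) *httptest.Server {
	return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, payload)
	}))
}

func main() {
	srv := startServer("#!/bin/sh\necho attacker-controlled installer")
	defer srv.Close()
	_, err := fetch(&http.Client{}, srv.URL)
	fmt.Println("default client:", err)
	body, _ := fetch(insecureClient(), srv.URL)
	fmt.Printf("insecure client got: %q\n", body)
	roots := x509.NewCertPool()
	roots.AddCert(srv.Certificate())
	body, err = fetch(pinnedClient(roots), srv.URL)
	fmt.Printf("pinned client got: %q, err=%v\n", body, err)
}
```

For a provisioning script the fix is the same shape: drop `-k`, and if the download host uses a private CA, pass its certificate with `--cacert` rather than disabling verification. Verifying a known checksum or signature of the downloaded file is a second, independent control and does not substitute for transport verification.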
6.3
CVE-2025-15617 - Exposure of the GITHUB_TOKEN in wazuh workflow run artifact
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits …
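Added example, not Wazuh's workflow: a Go pre-upload check that scans build output for GitHub token values before it is packaged as an artifact, run here over a constructed build log. The pattern assumes the token formats GitHub publishes (`ghs_` for the installation token a workflow receives as GITHUB_TOKEN, other `gh?_` prefixes for personal and OAuth tokens, each followed by 36 alphanumerics); the token values in the sample are fabricated.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// tokenPattern matches GitHub token formats. Assumption for this example:
// prefix gh followed by one of p/o/u/s/r, an underscore and 36 base62
// characters. ghs_ is the installation-token form used for GITHUB_TOKEN.
var tokenPattern = regexp.MustCompile(`\bgh[pousr]_[A-Za-z0-9]{36}\b`)

// Finding is one line that contained a token, with the token masked so the
// finding can be logged without leaking it a second time.
type Finding struct {
	Line int
	Text string
}

// ScanForTokens scans content line by line and reports every line holding
// a token. It is meant to gate artifact upload, not to replace keeping the
// token out of logs in the first place.
func ScanForTokens(content string) []Finding {
	var out []Finding
	sc := bufio.NewScanner(strings.NewReader(content))
	sc.Buffer(make([]byte, 1024*1024), 1024*1024) // allow long log lines
	n := 0
	for sc.Scan() {
		n++
		line := sc.Text()
		if tokenPattern.MatchString(line) {
			out = append(out, Finding{Line: n, Text: tokenPattern.ReplaceAllString(line, "gh*_[REDACTED]")})
		}
	}
	return out
}

// ArtifactSafe reports whether content can be uploaded without exposing a
// token.
func ArtifactSafe(content string) bool {
	return len(ScanForTokens(content)) == 0
}

// sampleBuildLog is a constructed build log of the kind that ends up in a
// workflow artifact. Both token values are fabricated.
const sampleBuildLog = `[build] cloning https://github.com/example/app.git
[build] git remote set-url origin https://x-access-token:ghs_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789@github.com/example/app.git
[build] compiled 412 objects
[build] GITHUB_TOKEN=ghs_ZyXwVuTsRqPoNmLkJiHgFeDcBa9876543210
[build] done`

func main() {
	for _, f := range ScanForTokens(sampleBuildLog) {
		fmt.Printf("line %d: %s\n", f.Line, f.Text)
	}
	fmt.Println("safe to upload:", ArtifactSafe(sampleBuildLog))
}
```

Two of the lines above are the usual sources of this leak: a remote URL rewritten to embed the token for authenticated pushes, and a debug dump of the environment. Because the token in the advisory is only valid for a limited window, the check has to run before upload rather than after an artifact is found to contain it.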