VULNRABLE / Vulnerability / CVE-2026-46371
CVE-2026-46371
MEDIUM github.com/fleetdm/fleet/v4 GHSA
CVSS Score
5.5
Severity
MEDIUM
EPSS
0%
Source
GHSA
Summary
Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint
What this means
CVE-2026-46371 is a medium-severity vulnerability affecting github.com/fleetdm/fleet/v4, rated CVSS 5.5. The EPSS model estimates a 0% probability of exploitation in the next 30 days. Published June 13, 2026.
View full advisory at GHSA →