PT-2026-40970 · Fleetdm+1 · Fleet+1

Published: 2026-05-14 · Updated: 2026-05-14 · CVE-2026-26062

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Fleet versions prior to 4.81.0

Description

A denial-of-service (DoS) issue exists in the gRPC Launcher "PublishLogs" endpoint. Certain unexpected input values are not handled gracefully, which can cause the server process to terminate while processing an authenticated request from an enrolled Launcher host. An authenticated attacker with access to any enrolled Launcher node key can cause a complete denial of service by sending a single gRPC request to the "PublishLogs" endpoint. This issue impacts availability only, with no exposure of sensitive data, authentication bypass, privilege escalation, or integrity impact.

Recommendations

Update to version 4.81.0. Restrict network access to the Fleet gRPC endpoint by limiting inbound access to known host IP ranges. Deploy Fleet behind infrastructure that terminates or filters gRPC traffic if Launcher log ingestion is not required. Monitor for repeated process crashes or unexpected restarts.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2026-26062
GHSA-X67P-9M2R-FXQV

Affected Products

Fleet
github.com/fleetdm/fleet/v4