CVE-2026-23999
EPSS 0.02%Fleet: Device lock PIN can be predicted if lock time is known in github.com/fleetdm/fleet
Published: 2/26/2026Modified: 3/9/2026
Description
Fleet: Device lock PIN can be predicted if lock time is known in github.com/fleetdm/fleet
Affected packages (2)
- Go/github.com/fleetdm/fleet/v4from 0, < 4.80.1
- Go/github.com/fleetdm/fleet/v4from 0, < 4.80.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |