wazuh

Top products

The 15 most recently published vulnerabilities affecting wazuh.

• CVE-2026-41499Wazuh: Multiple Heap-based NULL WRITE Buffer Underflows in parse_uname_string()6.5Apr 29, 2026
• CVE-2026-30893Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer9.0Apr 29, 2026
• CVE-2026-28221Wazuh: Pre-auth stack-based buffer overflow in wazuh-remoted print_hex_string() due to signed char promotion on x86_646.5Apr 29, 2026
• CVE-2026-26206Wazuh: API brute-force protection bypass via race condition in login attempt tracking6.5Apr 29, 2026
• CVE-2026-26204Wazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertData4.4Apr 29, 2026
• CVE-2025-15612Wazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCE4.8Mar 27, 2026
• CVE-2025-15617Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials6.5Mar 27, 2026
• CVE-2025-15616Wazuh Agent and Manager OS Command Injection and Untrusted Search Path6.7Mar 27, 2026
• CVE-2025-15615Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service5.8Mar 27, 2026
• CVE-2023-7340Wazuh authd service (os_auth) Heap-based Buffer Overflow3.5Mar 27, 2026
• CVE-2026-32983SSL/TLS Renegotiation DoS in Wazuh Manager authd service5.8Mar 27, 2026
• CVE-2026-32984Heap buffer overflow in wazuh-authd3.5Mar 27, 2026
• CVE-2026-25790Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser4.9Mar 17, 2026
• CVE-2026-25772Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow4.9Mar 17, 2026
• CVE-2026-25771Wazuh Vulnerable to Denial of Service via Synchronous I/O Blocking in Asynchronous Authentication Middleware5.3Mar 17, 2026