CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2026-41499 – Wazuh: Multiple Heap-based NULL WRITE Buffer Underflows in parse_uname_string()
https://notcve.org/view.php?id=CVE-2026-41499
29 Apr 2026 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist in parse_uname_string() (remoted_op.c). This function processes OS identification data from agents and contains a dangerous code pattern that appears in 4 locations within the same function: writing to strlen(ptr) - 1 without checking for empty strings. When the string is empty, strlen() returns 0, and 0 - 1 w... • https://github.com/wazuh/wazuh/releases/tag/v4.14.4 • CWE-124: Buffer Underwrite ('Buffer Underflow') CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2026-30893 – Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer
https://notcve.org/view.php?id=CVE-2026-30893
29 Apr 2026 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary files outside the intended extraction directory on other cluster nodes. This can be escalated to code execution in the Wazuh service context by overwriting Python modules loaded by Wazuh components (proof of concept available as sep... • https://github.com/wazuh/wazuh/releases/tag/v4.14.4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-73: External Control of File Name or Path •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2026-28221 – Wazuh: Pre-auth stack-based buffer overflow in wazuh-remoted print_hex_string() due to signed char promotion on x86_64
https://notcve.org/view.php?id=CVE-2026-28221
29 Apr 2026 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes using sprintf(dst_buf + 2*i, "%.2x", src_buf[i]) on platforms where char is treated as signed and the compiled code sign-extends bytes before the variadic call. For input bytes such as 0xFF, the formatting can emit "ffffffff" (8 char... • https://github.com/wazuh/wazuh/releases/tag/v4.14.4 • CWE-121: Stack-based Buffer Overflow CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2026-26206 – Wazuh: API brute-force protection bypass via race condition in login attempt tracking
https://notcve.org/view.php?id=CVE-2026-26206
29 Apr 2026 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, Wazuh's server API brute-force protection for POST /security/user/authenticate can be bypassed by sending concurrent authentication requests. Although the configured threshold (max_login_attempts, default 50) is enforced correctly for sequential requests, a parallel burst allows significantly more failed login attempts to be processed before the IP block is applied. This... • https://github.com/wazuh/wazuh/releases/tag/v4.14.4 • CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2026-26204 – Wazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertData
https://notcve.org/view.php?id=CVE-2026-26204
29 Apr 2026 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. Due to unsigned integer underflow and pointer arithmetic wrapping, the write lands at offset -1 from the buffer, corrupting heap metadata. A malicious actor can potentially leverage this issue through a compromised a... • https://github.com/wazuh/wazuh/releases/tag/v4.14.4 • CWE-124: Buffer Underwrite ('Buffer Underflow') CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-15617 – Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials
https://notcve.org/view.php?id=CVE-2025-15617
27 Mar 2026 — Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits or altering release tags. • https://github.com/wazuh/wazuh/security/advisories/GHSA-6xqr-4q5g-xc7x • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2025-15616 – Wazuh Agent and Manager OS Command Injection and Untrusted Search Path
https://notcve.org/view.php?id=CVE-2025-15616
27 Mar 2026 — Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR script parameters. Attackers can exploit these vulnerabilities by injecting malicious commands through configuration files, SMTP server settings, and custom flags to achieve remote code execution on affected systems. • https://github.com/wazuh/wazuh/security/advisories/GHSA-522v-p59v-58gm • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-15615 – Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
https://notcve.org/view.php?id=CVE-2025-15615
27 Mar 2026 — Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable. • https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-7340 – Wazuh authd service (os_auth) Heap-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-7340
27 Mar 2026 — Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability impact to the authentication daemon. • https://github.com/wazuh/wazuh/security/advisories/GHSA-grjq-p5fg-m24r • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2026-32983 – SSL/TLS Renegotiation DoS in Wazuh Manager authd service
https://notcve.org/view.php?id=CVE-2026-32983
27 Mar 2026 — Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable. • https://github.com/advisories/GHSA-rr83-v9v7-jjhp • CWE-276: Incorrect Default Permissions •