Medium severity4.8NVD Advisory· Published Mar 27, 2026· Updated Apr 8, 2026

CVE-2025-15612

Description

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies or code during the build process, leading to remote code execution and supply chain compromise.

Affected products

Wazuh/Wazuh
cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*
Range: >=4.1.3,<4.14.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/wazuh/wazuh/security/advisories/GHSA-wvg9-7q49-c7mgnvdExploitVendor Advisory
www.vulncheck.com/advisories/various-uses-of-curl-without-verifying-the-authenticity-of-the-ssl-certificate-leading-to-mitm-rce-in-build-infrastructurenvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.312
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000