VYPR
Unrated severityNVD Advisory· Published Mar 17, 2026· Updated Mar 18, 2026

Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization

CVE-2026-25769

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data). All Wazuh deployments using cluster mode (master/worker architecture) and any organization with a compromised worker node (e.g., through initial access, insider threat, or supply chain attack) are impacted. An attacker who gains access to a worker node (through any means) can achieve full RCE on the master node with root privileges. Version 4.14.3 fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wazuh/Wazuhllm-fuzzy2 versions
    <=4.14.2+ 1 more
    • (no CPE)range: <=4.14.2
    • (no CPE)range: >= 4.0.0, < 4.14.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.