VYPR

Wazuh

by Wazuh

Source repositories

CVEs (43)

  • CVE-2026-30893CriApr 29, 2026
    risk 0.52cvss 9.0epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary…

  • CVE-2024-57378HigFeb 13, 2025
    risk 0.47cvss 7.3epss 0.00

    Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources.

  • CVE-2025-15617MedMar 27, 2026
    risk 0.42cvss 6.5epss 0.00

    Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as…

  • CVE-2025-15616MedMar 27, 2026
    risk 0.37cvss 6.7epss 0.02

    Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags,…

  • CVE-2026-41499MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist in parse_uname_string() (remoted_op.c). This function processes OS…

  • CVE-2026-28221MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes…

  • CVE-2026-26206MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, Wazuh's server API brute-force protection for POST /security/user/authenticate can be bypassed by sending concurrent authentication…

  • CVE-2025-15615MedMar 27, 2026
    risk 0.31cvss 5.8epss 0.01

    Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers…

  • CVE-2026-32983MedMar 27, 2026
    risk 0.31cvss 5.8epss 0.00

    Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers…

  • CVE-2025-64483MedNov 21, 2025
    risk 0.27cvss epss 0.00

    Wazuh is a security detection, visibility, and compliance open source project. From version 4.9.0 to before 4.13.0, the Wazuh API – Agent Configuration in certain configurations allows authenticated users with read-only API roles to retrieve agent enrollment credentials…

  • CVE-2025-15612MedMar 27, 2026
    risk 0.24cvss 4.8epss 0.00

    Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify…

  • CVE-2026-32984LowMar 27, 2026
    risk 0.23cvss 3.5epss 0.00

    Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low impact on…

  • CVE-2023-7340LowMar 27, 2026
    risk 0.23cvss 3.5epss 0.00

    Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability…

  • CVE-2025-24016KEVFeb 10, 2025
    risk 0.23cvss epss 0.93

    Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a…

  • CVE-2026-26204MedApr 29, 2026
    risk 0.22cvss 4.4epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer…

  • CVE-2023-50260Apr 19, 2024
    risk 0.01cvss epss 0.41

    Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target system. This…

  • CVE-2026-25790Mar 17, 2026
    risk 0.00cvss epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment (SCA) decoder (`wazuh-analysisd`). The use of…

  • CVE-2026-25772Mar 17, 2026
    risk 0.00cvss epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module (`wdb_delta_event.c`). The SQL…

  • CVE-2026-25771Mar 17, 2026
    risk 0.00cvss epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.3.0 and prior to version 4.14.3, a Denial of Service (DoS) vulnerability exists in the Wazuh API authentication middleware (`middlewares.py`). The application uses…

  • CVE-2026-25770Mar 17, 2026
    risk 0.00cvss epss 0.01

    Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The `wazuh-clusterd` service…

Page 1 of 3