Vendor CVEs
Wazuh
All CVEs
43 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-30893 | Cri | 0.52 | 9.0 | 0.00 | Apr 29, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary… | ||
| CVE-2024-57378 | Hig | 0.47 | 7.3 | 0.00 | Feb 13, 2025 | Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources. | ||
| CVE-2025-15617 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2026 | Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as… | ||
| CVE-2025-15616 | Med | 0.37 | 6.7 | 0.02 | Mar 27, 2026 | Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags,… | ||
| CVE-2026-41499 | Med | 0.35 | 6.5 | 0.00 | Apr 29, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist in parse_uname_string() (remoted_op.c). This function processes OS… | ||
| CVE-2026-28221 | Med | 0.35 | 6.5 | 0.00 | Apr 29, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes… | ||
| CVE-2026-26206 | Med | 0.35 | 6.5 | 0.00 | Apr 29, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, Wazuh's server API brute-force protection for POST /security/user/authenticate can be bypassed by sending concurrent authentication… | ||
| CVE-2025-15615 | Med | 0.31 | 5.8 | 0.01 | Mar 27, 2026 | Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers… | ||
| CVE-2026-32983 | Med | 0.31 | 5.8 | 0.00 | Mar 27, 2026 | Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers… | ||
| CVE-2025-64483 | Med | 0.27 | — | 0.00 | Nov 21, 2025 | Wazuh is a security detection, visibility, and compliance open source project. From version 4.9.0 to before 4.13.0, the Wazuh API – Agent Configuration in certain configurations allows authenticated users with read-only API roles to retrieve agent enrollment credentials… | ||
| CVE-2025-15612 | Med | 0.24 | 4.8 | 0.00 | Mar 27, 2026 | Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify… | ||
| CVE-2026-32984 | Low | 0.23 | 3.5 | 0.00 | Mar 27, 2026 | Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low impact on… | ||
| CVE-2023-7340 | Low | 0.23 | 3.5 | 0.00 | Mar 27, 2026 | Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability… | ||
| CVE-2025-24016 | 0.23 | — | 0.93 | KEV | Feb 10, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a… | ||
| CVE-2026-26204 | Med | 0.22 | 4.4 | 0.00 | Apr 29, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer… | ||
| CVE-2023-50260 | 0.01 | — | 0.41 | Apr 19, 2024 | Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target system. This… | |||
| CVE-2026-25790 | 0.00 | — | 0.00 | Mar 17, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment (SCA) decoder (`wazuh-analysisd`). The use of… | |||
| CVE-2026-25772 | 0.00 | — | 0.00 | Mar 17, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module (`wdb_delta_event.c`). The SQL… | |||
| CVE-2026-25771 | 0.00 | — | 0.00 | Mar 17, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.3.0 and prior to version 4.14.3, a Denial of Service (DoS) vulnerability exists in the Wazuh API authentication middleware (`middlewares.py`). The application uses… | |||
| CVE-2026-25770 | 0.00 | — | 0.01 | Mar 17, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The `wazuh-clusterd` service… | |||
| CVE-2026-25769 | 0.00 | — | 0.09 | Mar 17, 2026 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data). All Wazuh deployments using cluster mode (master/worker… | |||
| CVE-2025-64169 | 0.00 | — | 0.00 | Nov 21, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fim_alert() implementation does not check whether oldsum->md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of… | |||
| CVE-2025-54866 | 0.00 | — | 0.00 | Nov 21, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on "C:\Program Files (x86)\ossec-agent\authd.pass" exposes the password to all "Authenticated Users" on the local machine. This issue… | |||
| CVE-2025-30201 | 0.00 | — | 0.01 | Nov 21, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings,… | |||
| CVE-2025-62792 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in w_expression_match() when strlen() is called on str_test, because the corresponding buffer is not being properly NULL terminated during its… | |||
| CVE-2025-62791 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, DecodeCiscat() implementation does not check the return the value of cJSON_GetObjectItem() for a possible NULL value in case of an error. A compromised agent can cause… | |||
| CVE-2025-62790 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fim_fetch_attributes_state() implementation does not check whether time_string is NULL or not before calling strlen() on it. A compromised agent can cause a crash of… | |||
| CVE-2025-62789 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fim_alert() implementation does not check whether the return value of ctime_r is NULL or not before calling strdup() on it. A compromised agent can cause a crash of… | |||
| CVE-2025-62788 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, w_copy_event_for_log() references memory (initially allocated in OS_CleanMSG()) after it has been freed. A compromised agent can potentially compromise the integrity of… | |||
| CVE-2025-62787 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.10.2, a buffer over-read occurs in DecodeWinevt() when child_attr[p]->attributes[j] is accessed, because the corresponding index (j) is incorrect. A compromised agent can… | |||
| CVE-2025-62786 | 0.00 | — | 0.01 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. A heap-based out-of-bounds WRITE occurs in decode_win_permissions, resulting in writing a NULL byte 2 bytes before the start of the buffer allocated to decoded_it. A compromised agent… | |||
| CVE-2025-62785 | 0.00 | — | 0.00 | Oct 29, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData() implementation does not check whether value is NULL or not before calling os_strdup() on it. A compromised agent can cause a crash of analysisd by sending a specially crafted… | |||
| CVE-2025-59938 | 0.00 | — | 0.00 | Sep 27, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions starting from 3.8.0 to before 4.11.0, wazuh-analysisd is vulnerable to a heap buffer overflow when parsing XML elements from Windows EventChannel messages. This issue has… | |||
| CVE-2024-1243 | 0.00 | — | 0.01 | Jun 11, 2025 | Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which… | |||
| CVE-2024-35177 | 0.00 | — | 0.00 | Feb 3, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege… | |||
| CVE-2024-47770 | 0.00 | — | 0.00 | Feb 3, 2025 | Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access,… | |||
| CVE-2024-32038 | 0.00 | — | 0.01 | Apr 19, 2024 | Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is… | |||
| CVE-2023-49275 | 0.00 | — | 0.01 | Apr 19, 2024 | Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when `analysisd` receives a… | |||
| CVE-2023-42463 | 0.00 | — | 0.00 | Jan 12, 2024 | Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3. | |||
| CVE-2023-42455 | 0.00 | — | 0.01 | Oct 9, 2023 | Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become… | |||
| CVE-2022-40497 | 0.00 | — | 0.01 | Sep 27, 2022 | Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint. | |||
| CVE-2021-44079 | 0.00 | — | 0.03 | Nov 22, 2021 | In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. | |||
| CVE-2021-41821 | 0.00 | — | 0.01 | Sep 29, 2021 | Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager. |
- risk 0.52cvss 9.0epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary…
- risk 0.47cvss 7.3epss 0.00
Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources.
- risk 0.42cvss 6.5epss 0.00
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as…
- risk 0.37cvss 6.7epss 0.02
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags,…
- risk 0.35cvss 6.5epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist in parse_uname_string() (remoted_op.c). This function processes OS…
- risk 0.35cvss 6.5epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in print_hex_string() in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes…
- risk 0.35cvss 6.5epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, Wazuh's server API brute-force protection for POST /security/user/authenticate can be bypassed by sending concurrent authentication…
- risk 0.31cvss 5.8epss 0.01
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers…
- risk 0.31cvss 5.8epss 0.00
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers…
- risk 0.27cvss —epss 0.00
Wazuh is a security detection, visibility, and compliance open source project. From version 4.9.0 to before 4.13.0, the Wazuh API – Agent Configuration in certain configurations allows authenticated users with read-only API roles to retrieve agent enrollment credentials…
- risk 0.24cvss 4.8epss 0.00
Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify…
- risk 0.23cvss 3.5epss 0.00
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low impact on…
- risk 0.23cvss 3.5epss 0.00
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability…
- risk 0.23cvss —epss 0.93
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a…
- risk 0.22cvss 4.4epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer…
- CVE-2023-50260Apr 19, 2024risk 0.01cvss —epss 0.41
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target system. This…
- CVE-2026-25790Mar 17, 2026risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment (SCA) decoder (`wazuh-analysisd`). The use of…
- CVE-2026-25772Mar 17, 2026risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module (`wdb_delta_event.c`). The SQL…
- CVE-2026-25771Mar 17, 2026risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.3.0 and prior to version 4.14.3, a Denial of Service (DoS) vulnerability exists in the Wazuh API authentication middleware (`middlewares.py`). The application uses…
- CVE-2026-25770Mar 17, 2026risk 0.00cvss —epss 0.01
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The `wazuh-clusterd` service…
- CVE-2026-25769Mar 17, 2026risk 0.00cvss —epss 0.09
Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data). All Wazuh deployments using cluster mode (master/worker…
- CVE-2025-64169Nov 21, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fim_alert() implementation does not check whether oldsum->md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of…
- CVE-2025-54866Nov 21, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on "C:\Program Files (x86)\ossec-agent\authd.pass" exposes the password to all "Authenticated Users" on the local machine. This issue…
- CVE-2025-30201Nov 21, 2025risk 0.00cvss —epss 0.01
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings,…
- CVE-2025-62792Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in w_expression_match() when strlen() is called on str_test, because the corresponding buffer is not being properly NULL terminated during its…
- CVE-2025-62791Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, DecodeCiscat() implementation does not check the return the value of cJSON_GetObjectItem() for a possible NULL value in case of an error. A compromised agent can cause…
- CVE-2025-62790Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fim_fetch_attributes_state() implementation does not check whether time_string is NULL or not before calling strlen() on it. A compromised agent can cause a crash of…
- CVE-2025-62789Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fim_alert() implementation does not check whether the return value of ctime_r is NULL or not before calling strdup() on it. A compromised agent can cause a crash of…
- CVE-2025-62788Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, w_copy_event_for_log() references memory (initially allocated in OS_CleanMSG()) after it has been freed. A compromised agent can potentially compromise the integrity of…
- CVE-2025-62787Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.10.2, a buffer over-read occurs in DecodeWinevt() when child_attr[p]->attributes[j] is accessed, because the corresponding index (j) is incorrect. A compromised agent can…
- CVE-2025-62786Oct 29, 2025risk 0.00cvss —epss 0.01
Wazuh is a free and open source platform used for threat prevention, detection, and response. A heap-based out-of-bounds WRITE occurs in decode_win_permissions, resulting in writing a NULL byte 2 bytes before the start of the buffer allocated to decoded_it. A compromised agent…
- CVE-2025-62785Oct 29, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData() implementation does not check whether value is NULL or not before calling os_strdup() on it. A compromised agent can cause a crash of analysisd by sending a specially crafted…
- CVE-2025-59938Sep 27, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions starting from 3.8.0 to before 4.11.0, wazuh-analysisd is vulnerable to a heap buffer overflow when parsing XML elements from Windows EventChannel messages. This issue has…
- CVE-2024-1243Jun 11, 2025risk 0.00cvss —epss 0.01
Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which…
- CVE-2024-35177Feb 3, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege…
- CVE-2024-47770Feb 3, 2025risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access,…
- CVE-2024-32038Apr 19, 2024risk 0.00cvss —epss 0.01
Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is…
- CVE-2023-49275Apr 19, 2024risk 0.00cvss —epss 0.01
Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when `analysisd` receives a…
- CVE-2023-42463Jan 12, 2024risk 0.00cvss —epss 0.00
Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3.
- CVE-2023-42455Oct 9, 2023risk 0.00cvss —epss 0.01
Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become…
- CVE-2022-40497Sep 27, 2022risk 0.00cvss —epss 0.01
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.
- CVE-2021-44079Nov 22, 2021risk 0.00cvss —epss 0.03
In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.
- CVE-2021-41821Sep 29, 2021risk 0.00cvss —epss 0.01
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager.