Wazuh — Vulnerabilities & Security Advisories (39)

Browse all 39 CVE security advisories affecting Wazuh. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wazuh is an open-source security platform primarily utilized for intrusion detection, log data analysis, and compliance monitoring across diverse infrastructure environments. Its architecture integrates host-based agents with a central server to aggregate telemetry, enabling organizations to detect anomalies and maintain regulatory adherence. Historically, the software has been associated with vulnerabilities such as remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls within its web interface and API components. With thirty-nine recorded CVEs, these issues highlight risks related to authentication bypasses and insecure default configurations. While no catastrophic breaches have been publicly attributed directly to Wazuh itself, the frequency of these CVEs underscores the importance of rigorous patch management and secure deployment practices to mitigate potential exploitation vectors in enterprise security operations.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-41499 | Wazuh: Multiple Heap-based NULL WRITE Buffer Underflows in parse_uname_string() | wazuh | CWE-124 | 6.5 | Medium | 2026-04-29 |
| CVE-2026-30893 | Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer | wazuh | CWE-22 | 9.0 | Critical | 2026-04-29 |
| CVE-2026-28221 | Wazuh: Pre-auth stack-based buffer overflow in wazuh-remoted print_hex_string() due to signed char promotion on x86_64 | wazuh | CWE-121 | 6.5 | Medium | 2026-04-29 |
| CVE-2026-26206 | Wazuh: API brute-force protection bypass via race condition in login attempt tracking | wazuh | CWE-307 | 6.5 | Medium | 2026-04-29 |
| CVE-2026-26204 | Wazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertData | wazuh | CWE-124 | 4.4 | Medium | 2026-04-29 |
| CVE-2025-15612 | Wazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCE | Wazuh Provisioning Scripts (Agent Build Environment) | CWE-295 | 4.8 | Medium | 2026-03-27 |
| CVE-2025-15617 | Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials | Wazuh (GitHub Actions) | CWE-522 | 6.5 | Medium | 2026-03-27 |
| CVE-2025-15616 | Wazuh Agent and Manager OS Command Injection and Untrusted Search Path | wazuh-agent | CWE-94 | 6.7 | Medium | 2026-03-27 |
| CVE-2025-15615 | Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service | wazuh-manager | CWE-276 | 6.5 | Medium | 2026-03-27 |
| CVE-2023-7340 | Wazuh authd service (os_auth) Heap-based Buffer Overflow | Wazuh | CWE-125 | 3.1 | Low | 2026-03-27 |
| CVE-2026-32983 | SSL/TLS Renegotiation DoS in Wazuh Manager authd service | wazuh-manager | CWE-276 | 5.8 | Medium | 2026-03-27 |
| CVE-2026-32984 | Heap buffer overflow in wazuh-authd | Wazuh | CWE-125 | 3.5 | Low | 2026-03-27 |
| CVE-2026-25790 | Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser | wazuh | CWE-121 | 4.9 | Medium | 2026-03-17 |
| CVE-2026-25772 | Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow | wazuh | CWE-121 | 4.9 | Medium | 2026-03-17 |
| CVE-2026-25771 | Wazuh Vulnerable to Denial of Service via Synchronous I/O Blocking in Asynchronous Authentication Middleware | wazuh | CWE-400 | 5.3 | Medium | 2026-03-17 |
| CVE-2026-25770 | Wazuh has Privilege Escalation to Root via Cluster Protocol File Write | wazuh | CWE-22 | 9.1 | Critical | 2026-03-17 |
| CVE-2026-25769 | Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization | wazuh | CWE-502 | 9.1 | Critical | 2026-03-17 |
| CVE-2025-64169 | Wazuh NULL pointer dereference in fim_alert line 666 | wazuh | CWE-252 | 7.5 | - | 2025-11-21 |
| CVE-2025-54866 | Wazuh installation fails to protected authd.pass on Windows | wazuh | CWE-276 | 7.1 | - | 2025-11-21 |
| CVE-2025-30201 | Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities | wazuh | CWE-73 | 7.7 | High | 2025-11-21 |
| CVE-2025-64483 | Wazuh API – Agent Configuration Has Improper Access Control in Agent Enrollment Endpoint | wazuh-dashboard-plugins | CWE-284 | 8.8 | - | 2025-11-21 |
| CVE-2025-62792 | Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match | wazuh | CWE-126 | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-62791 | Wazuh vulnerable to NULL pointer dereference in DecodeCiscat | wazuh | CWE-252 | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-62790 | Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state | wazuh | CWE-476 | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-62789 | Wazuh vulnerable to NULL pointer dereference in fim_alert line 712 | wazuh | CWE-252 | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-62788 | Wazuh Vulnerable to Heap Use After Free in w_copy_event_for_log | wazuh | CWE-416 | 9.1 (AI) | Critical (AI) | 2025-10-29 |
| CVE-2025-62787 | Wazuh Vulnerable to Heap-based Buffer Over-read in DecodeWinevt | wazuh | CWE-126 | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-62786 | Wazuh Vulnerable to Heap-based Buffer Out-Of-Bounds WRITE in decode_win_permissions | wazuh | CWE-124 | 9.8 (AI) | Critical (AI) | 2025-10-29 |
| CVE-2025-62785 | Wazuh fillData NULL pointer dereference causes analysisd crash | wazuh | CWE-252 | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-59938 | Heap buffer overflow in wazuh-analysisd | wazuh | CWE-122 | 6.5 | Medium | 2025-09-27 |

This page lists every published CVE security advisory associated with Wazuh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.