| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15612 | Wazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCE | Wazuh | Wazuh Provisioning Scripts (Agent Build Environment) | Medium | 4.8 | 2026-03-27 18:16:11 | Deep Dive |
| CVE-2025-15617 | Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials | Wazuh | Wazuh (GitHub Actions) | Medium | 6.5 | 2026-03-27 18:04:14 | Deep Dive |
| CVE-2025-15616 | Wazuh Agent and Manager OS Command Injection and Untrusted Search Path | Wazuh | wazuh-agent | Medium | 6.7 | 2026-03-27 16:38:21 | Deep Dive |
| CVE-2025-15615 | Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service | Wazuh | wazuh-manager | Medium | 5.8 | 2026-03-27 16:23:04 | Deep Dive |
| CVE-2023-7340 | Wazuh authd service (os_auth) Heap-based Buffer Overflow | Wazuh | Wazuh | Low | 3.5 | 2026-03-27 15:52:48 | Deep Dive |
| CVE-2026-32983 | SSL/TLS Renegotiation DoS in Wazuh Manager authd service | Wazuh | wazuh-manager | Medium | 5.8 | 2026-03-27 15:44:31 | Deep Dive |
| CVE-2026-32984 | Heap buffer overflow in wazuh-authd | Wazuh | Wazuh | Low | 3.5 | 2026-03-27 15:02:48 | Deep Dive |
| CVE-2026-25790 | Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser | wazuh | wazuh | Medium | 4.9 | 2026-03-17 18:41:46 | Deep Dive |
| CVE-2026-25772 | Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow | wazuh | wazuh | Medium | 4.9 | 2026-03-17 18:11:06 | Deep Dive |
| CVE-2026-25771 | Wazuh Vulnerable to Denial of Service via Synchronous I/O Blocking in Asynchronous Authentication Middleware | wazuh | wazuh | Medium | 5.3 | 2026-03-17 18:08:53 | Deep Dive |
| CVE-2026-25770 | Wazuh has Privilege Escalation to Root via Cluster Protocol File Write | wazuh | wazuh | Critical | 9.1 | 2026-03-17 18:02:07 | Deep Dive |
| CVE-2026-25769 | Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization | wazuh | wazuh | Critical | 9.1 | 2026-03-17 17:41:09 | Deep Dive |
| CVE-2025-64169 | Wazuh NULL pointer dereference in fim_alert line 666 | wazuh | wazuh | 中危 | - | 2025-11-21 18:39:02 | Deep Dive |
| CVE-2025-54866 | Wazuh installation fails to protected authd.pass on Windows | wazuh | wazuh | 低危 | - | 2025-11-21 18:23:50 | Deep Dive |
| CVE-2025-30201 | Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities | wazuh | wazuh | High | 7.7 | 2025-11-21 18:17:38 | Deep Dive |
| CVE-2025-64483 | Wazuh API – Agent Configuration Has Improper Access Control in Agent Enrollment Endpoint | wazuh | wazuh-dashboard-plugins | 中危 | - | 2025-11-21 17:55:33 | Deep Dive |
| CVE-2025-62792 | Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match | wazuh | wazuh | - | - | 2025-10-29 16:50:06 | Deep Dive |
| CVE-2025-62791 | Wazuh vulnerable to NULL pointer dereference in DecodeCiscat | wazuh | wazuh | - | - | 2025-10-29 16:48:25 | Deep Dive |
| CVE-2025-62790 | Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state | wazuh | wazuh | - | - | 2025-10-29 16:46:31 | Deep Dive |
| CVE-2025-62789 | Wazuh vulnerable to NULL pointer dereference in fim_alert line 712 | wazuh | wazuh | - | - | 2025-10-29 16:44:31 | Deep Dive |