Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

wazuh — Vulnerabilities & Security Advisories 32

All 32 CVE vulnerabilities found in wazuh, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive vulnerability aggregation resource for Wazuh, a popular open-source security monitoring and detection platform. It collects a wide range of software vulnerabilities affecting various components of the Wazuh ecosystem, including agent applications, managers, API modules, and integrated third-party libraries. The data covers security issues identified from the product's early releases through to the most recent versions, ensuring a historical perspective on security posture evolution. By accessing this page, users can effectively track vendor advisories issued by the Wazuh team and independent security researchers. It allows security professionals to understand specific weakness classes that have impacted the platform, facilitating better risk assessment and remediation planning. Additionally, readers can look up a product's vulnerability history to identify recurring patterns or persistent issues within the codebase. This centralized view supports informed decision-making for system administrators and security engineers who rely on Wazuh for threat detection. The information is structured to help users quickly locate relevant details without sifting through disparate sources. It serves as a reference point for evaluating the overall security maturity of the Wazuh deployment environment. Whether auditing past incidents or preparing for future updates, this aggregation offers essential insights into the software's defensive capabilities. The content is curated to highlight significant flaws that could impact integrity, confidentiality, or availability of monitored systems.

Vendor: wazuh

CVE IDTitleCVSSSeverityPublished
CVE-2026-56401 Wazuh - NULL Pointer Dereference in inventory_sync DataValue FlatBuffer Handling CWE-476 6.5 Medium2026-07-08
CVE-2026-41499 Wazuh: Multiple Heap-based NULL WRITE Buffer Underflows in parse_uname_string() CWE-124 6.5 Medium2026-04-29
CVE-2026-30893 Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer CWE-22 9.0 Critical2026-04-29
CVE-2026-28221 Wazuh: Pre-auth stack-based buffer overflow in wazuh-remoted print_hex_string() due to signed char promotion on x86_64 CWE-121 6.5 Medium2026-04-29
CVE-2026-26206 Wazuh: API brute-force protection bypass via race condition in login attempt tracking CWE-307 6.5 Medium2026-04-29
CVE-2026-26204 Wazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertData CWE-124 4.4 Medium2026-04-29
CVE-2023-7340 Wazuh authd service (os_auth) Heap-based Buffer Overflow CWE-125 3.5 Low2026-03-27
CVE-2026-32984 Heap buffer overflow in wazuh-authd CWE-125 3.5 Low2026-03-27
CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser CWE-121 4.9 Medium2026-03-17
CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow CWE-121 4.9 Medium2026-03-17
CVE-2026-25771 Wazuh Vulnerable to Denial of Service via Synchronous I/O Blocking in Asynchronous Authentication Middleware CWE-400 5.3 Medium2026-03-17
CVE-2026-25770 Wazuh has Privilege Escalation to Root via Cluster Protocol File Write CWE-22 9.1 Critical2026-03-17
CVE-2026-25769 Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization CWE-502 9.1 Critical2026-03-17
CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666 CWE-252 7.5 -2025-11-21
CVE-2025-54866 Wazuh installation fails to protected authd.pass on Windows CWE-276 7.1 -2025-11-21
CVE-2025-30201 Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities CWE-73 7.7 High2025-11-21
CVE-2025-62792 Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match CWE-126 7.5AIHighAI2025-10-29
CVE-2025-62791 Wazuh vulnerable to NULL pointer dereference in DecodeCiscat CWE-252 7.5AIHighAI2025-10-29
CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state CWE-476 7.5AIHighAI2025-10-29
CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712 CWE-252 7.5AIHighAI2025-10-29
CVE-2025-62788 Wazuh Vulnerable to Heap Use After Free in w_copy_event_for_log CWE-416 9.1AICriticalAI2025-10-29
CVE-2025-62787 Wazuh Vulnerable to Heap-based Buffer Over-read in DecodeWinevt CWE-126 7.5AIHighAI2025-10-29
CVE-2025-62786 Wazuh Vulnerable to Heap-based Buffer Out-Of-Bounds WRITE in decode_win_permissions CWE-124 9.8AICriticalAI2025-10-29
CVE-2025-62785 Wazuh fillData NULL pointer dereference causes analysisd crash CWE-252 7.5AIHighAI2025-10-29
CVE-2025-59938 Heap buffer overflow in wazuh-analysisd CWE-122 6.5 Medium2025-09-27
CVE-2025-24016 Remote code execution in Wazuh server CWE-502 9.9 Critical2025-02-10
CVE-2024-35177 Improper Access Control in wazuh-agent CWE-284 7.8 High2025-02-03
CVE-2024-47770 Ability to view Agent list with no privilege access in wazuh-dashboard CWE-269 4.6 Medium2025-02-03
CVE-2024-32038 Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 9.8 Critical2024-04-19
CVE-2023-50260 Wazuh's vulnerability in host_deny AR script allows arbitrary command execution CWE-94 8.8 High2024-04-19

All 32 known CVE vulnerabilities affecting wazuh with full Chinese analysis, references, and POCs where available.