Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wazuh — Vulnerabilities & Security Advisories 26

All 26 CVE vulnerabilities found in wazuh, with AI-generated Chinese analysis, references, and POCs.

Vendor: wazuh

CVE IDTitleCVSSSeverityPublished
CVE-2023-7340 Wazuh authd service (os_auth) Heap-based Buffer Overflow CWE-125 3.1 Low2026-03-27
CVE-2026-32984 Heap buffer overflow in wazuh-authd CWE-125 3.5 Low2026-03-27
CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser CWE-121 4.9 Medium2026-03-17
CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow CWE-121 4.9 Medium2026-03-17
CVE-2026-25771 Wazuh Vulnerable to Denial of Service via Synchronous I/O Blocking in Asynchronous Authentication Middleware CWE-400 5.3 Medium2026-03-17
CVE-2026-25770 Wazuh has Privilege Escalation to Root via Cluster Protocol File Write CWE-22 9.1 Critical2026-03-17
CVE-2026-25769 Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization CWE-502 9.1 Critical2026-03-17
CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666 CWE-252 7.5 -2025-11-21
CVE-2025-54866 Wazuh installation fails to protected authd.pass on Windows CWE-276 7.1 -2025-11-21
CVE-2025-30201 Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities CWE-73 7.7 High2025-11-21
CVE-2025-62792 Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match CWE-126 7.5AIHighAI2025-10-29
CVE-2025-62791 Wazuh vulnerable to NULL pointer dereference in DecodeCiscat CWE-252 7.5AIHighAI2025-10-29
CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state CWE-476 7.5AIHighAI2025-10-29
CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712 CWE-252 7.5AIHighAI2025-10-29
CVE-2025-62788 Wazuh Vulnerable to Heap Use After Free in w_copy_event_for_log CWE-416 9.1AICriticalAI2025-10-29
CVE-2025-62787 Wazuh Vulnerable to Heap-based Buffer Over-read in DecodeWinevt CWE-126 7.5AIHighAI2025-10-29
CVE-2025-62786 Wazuh Vulnerable to Heap-based Buffer Out-Of-Bounds WRITE in decode_win_permissions CWE-124 9.8AICriticalAI2025-10-29
CVE-2025-62785 Wazuh fillData NULL pointer dereference causes analysisd crash CWE-252 7.5AIHighAI2025-10-29
CVE-2025-59938 Heap buffer overflow in wazuh-analysisd CWE-122 6.5 Medium2025-09-27
CVE-2025-24016 Remote code execution in Wazuh server CWE-502 9.9 Critical2025-02-10
CVE-2024-35177 Improper Access Control in wazuh-agent CWE-284 7.8 High2025-02-03
CVE-2024-47770 Ability to view Agent list with no privilege access in wazuh-dashboard CWE-269 4.6 Medium2025-02-03
CVE-2024-32038 Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 9.8 Critical2024-04-19
CVE-2023-50260 Wazuh's vulnerability in host_deny AR script allows arbitrary command execution CWE-94 8.8 High2024-04-19
CVE-2023-49275 Wazuh vulnerable to NULL Pointer Dereference in wazuh-analysisd CWE-476 6.5 Medium2024-04-19
CVE-2023-42463 wazuh-logcollector integer underflow local privilege escalation CWE-121 7.4 High2024-01-12

All 26 known CVE vulnerabilities affecting wazuh with full Chinese analysis, references, and POCs where available.