Home/Product/wazuh
Product

wazuh

43 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-41499
>= 4.0.0 and < 4.14.4
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version
6.5MEDIUM
 CVE-2026-30893
>= 4.4.0 and < 4.14.4
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version
9.0CRITICAL
 CVE-2026-28221
>= 4.8.0 and < 4.14.4
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version
6.5MEDIUM
 CVE-2026-26206
>= 4.0.0 and < 4.14.4
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version
6.5MEDIUM
 CVE-2026-26204
>= 1.0.0 and < 4.14.4
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version
4.4MEDIUM
 CVE-2025-15612
>= 4.1.3 and < 4.14.0
Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecur
4.8MEDIUM
 CVE-2025-15617
all versions
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the
6.5MEDIUM
 CVE-2025-15616
>= 2.1.0 and < 4.8.0
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnera
6.7MEDIUM
 CVE-2025-15615
< 4.8.0
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated S
5.8MEDIUM
 CVE-2026-32984
<= 3.5.0
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data
3.5LOW
 CVE-2026-32983
<= 4.7.3
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated S
5.8MEDIUM
 CVE-2023-7340
<= 3.5.0
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data
3.5LOW
 CVE-2026-25790
>= 3.9.0 and < 4.14.3
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior
4.9MEDIUM
 CVE-2026-25772
>= 4.4.0 and < 4.14.3
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior
4.9MEDIUM
 CVE-2026-25771
>= 4.3.0 and < 4.14.3
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.3.0 and prior
5.3MEDIUM
 CVE-2026-25770
>= 3.9.0 and < 4.14.3
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior
9.1CRITICAL
 CVE-2026-25769
>= 4.0.0 and < 4.14.3
Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a
9.1CRITICAL
 CVE-2025-64169
>= 3.7.0 and < 4.12.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0,
4.9MEDIUM
 CVE-2025-54866
>= 4.3.0 and < 4.13.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0,
5.5MEDIUM
 CVE-2025-30201
< 4.13.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerabi
7.7HIGH
 CVE-2025-62792
< 4.12.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read
7.5HIGH
 CVE-2025-62791
< 4.11.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, DecodeCiscat() impl
7.5HIGH
 CVE-2025-62790
< 4.11.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fim_fetch_attribute
7.5HIGH
 CVE-2025-62789
< 4.11.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fim_alert() impleme
7.5HIGH
 CVE-2025-62788
< 4.11.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, w_copy_event_for_lo
7.5HIGH
 CVE-2025-62787
< 4.10.2
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.10.2, a buffer over-read
7.5HIGH
 CVE-2025-62786
< 4.10.2
Wazuh is a free and open source platform used for threat prevention, detection, and response. A heap-based out-of-bounds WRITE occ
8.1HIGH
 CVE-2025-62785
< 4.10.2
Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData() implementation does not c
7.5HIGH
 CVE-2025-59938
>= 3.8.0 and < 4.11.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions starting from 3.8.0 to b
6.5MEDIUM
 CVE-2024-1243
< 4.8.0
Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh ser
7.2HIGH
 CVE-2025-24016
>= 4.4.0 and < 4.9.1
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior
9.9CRITICAL
 CVE-2024-47770
< 4.9.1
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workload
4.6MEDIUM
 CVE-2024-35177
>= 3.0.0 and < 4.9.0
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workload
7.8HIGH
 CVE-2024-32038
>= 3.8.0 and < 4.7.2
Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in
9.8CRITICAL
 CVE-2023-50260
>= 4.2.0 and < 4.7.2
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny
8.8HIGH
 CVE-2023-49275
>= 3.2.0 and < 4.7.1
Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detec
6.5MEDIUM
 CVE-2023-42463
< 4.5.3
Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow
7.4HIGH
 CVE-2023-42455
>= 4.4.0 and < 4.4.2
Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get
8.8HIGH
 CVE-2022-40497
>= 3.6.1 and <= 3.13.5
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RC
8.8HIGH
 CVE-2021-44079
>= 4.2.0 and < 4.2.5
In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, po
9.8CRITICAL
 CVE-2021-41821
<= 4.1.5
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service.
6.5MEDIUM
 CVE-2021-26814
>= 4.0.0 and <= 4.0.3
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /ma
8.8HIGH
 CVE-2018-19666
>= 1.0.0 and <= 2.1.1
The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by lever
7.8HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin