Known Vulnerabilities for products from Wazuh
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Wazuh".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32984 | Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-32983 | Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initia... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2025-15617 | Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2025-15616 | Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vu... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2025-15615 | Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initia... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2025-15612 | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2023-7340 | Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2021-41821 | Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of ser... | 6.5 - MEDIUM | 2021-09-29 | 2021-10-12 |
| CVE-2021-26814 | Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges vi... | 8.8 - HIGH | 2021-03-06 | 2022-07-12 |
| CVE-2018-19666 | The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by ... | 7.8 - HIGH | 2018-11-29 | 2019-01-04 |
Known software with vulnerabilities from Wazuh
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Wazuh | Wazuh | 1.0.0 |