Vulnerabilities in Wazuh
39 resultsCVE-2025-62789MEDIUMWazuh vulnerable to NULL pointer dereference in fim_alert line 712EPSS 0.4%CVE-2025-62787LOWWazuh Vulnerable to Heap-based Buffer Over-read in DecodeWinevtEPSS 0.4%CVE-2025-62792MEDIUMWazuh vulnerable to Heap-based Buffer Over-read in w_expression_matchEPSS 0.4%CVE-2025-59938MEDIUMHeap buffer overflow in wazuh-analysisdEPSS 0.3%CVE-2023-7340MEDIUMWazuh authd service (os_auth) Heap-based Buffer OverflowEPSS 0.3%CVE-2025-64169MEDIUMWazuh NULL pointer dereference in fim_alert line 666EPSS 0.3%CVE-2026-25772MEDIUMWazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer UnderflowEPSS 0.3%CVE-2025-62791MEDIUMWazuh vulnerable to NULL pointer dereference in DecodeCiscatEPSS 0.3%CVE-2025-62788MEDIUMWazuh Vulnerable to Heap Use After Free in w_copy_event_for_logEPSS 0.3%CVE-2026-32984MEDIUMHeap buffer overflow in wazuh-authdEPSS 0.3%CVE-2024-35177HIGHImproper Access Control in wazuh-agentEPSS 0.3%CVE-2026-41499MEDIUMWazuh: Multiple Heap-based NULL WRITE Buffer Underflows in parse_uname_string()EPSS 0.3%CVE-2023-42463HIGHwazuh-logcollector integer underflow local privilege escalationEPSS 0.2%CVE-2024-47770MEDIUMAbility to view Agent list with no privilege access in wazuh-dashboardEPSS 0.2%CVE-2025-64483MEDIUMWazuh API – Agent Configuration Has Improper Access Control in Agent Enrollment EndpointEPSS 0.2%CVE-2025-15612MEDIUMWazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCEEPSS 0.2%CVE-2026-26206MEDIUMWazuh: API brute-force protection bypass via race condition in login attempt trackingEPSS 0.2%CVE-2026-26204MEDIUMWazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertDataEPSS 0.2%CVE-2025-54866LOWWazuh installation fails to protected authd.pass on WindowsEPSS 0.1%