Wazuh CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Wazuh CVE published 2026-03-27

CVE-2026-32984

A heap-buffer overflow vulnerability exists in Wazuh's authentication daemon (authd). The flaw allows remote attackers to send specially crafted input that causes memory corruption and malformed heap data. Successful exploitation results in a denial of service condition affecting availability of the authentication service. The vulnerability is rated MEDIUM severity with a CVSS score of 5.3. Affected versi [truncated]

Known exploited Wazuh CVE published 2025-06-10

CVE-2025-24016

CVE-2025-24016 is a Wazuh Server deserialization of untrusted data issue that CISA added to its Known Exploited Vulnerabilities catalog on 2025-06-10. Because it is KEV-listed, it should be treated as an active defensive priority. CISA’s guidance is to apply vendor mitigations, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.