CVE-2025-62785 Wazuh fillData NULL pointer dereference causes analysisd crash

Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData implementation does not check whether value is NULL or not before calling osstrdup on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh...

EUVD-2025-36686

Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData implementation does not check whether value is NULL or not before calling osstrdup on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh...

CVE-2025-62785 Wazuh fillData NULL pointer dereference causes analysisd crash

Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData implementation does not check whether value is NULL or not before calling osstrdup on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh...

PT-2025-44313

Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.10.2 Description Wazuh, a platform for threat prevention, detection, and response, contains a flaw in the fillData implementation. This implementation does not verify if a value is NULL before utilizing os strdup on i...