Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2026/03/27 6:16 p.m.4 views

CVE-2025-15617

Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUBTOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits...

8.3CVSS0.00387EPSS
Exploits1References2
CVE
CVEadded 2026/03/27 6:4 p.m.16 views

CVE-2025-15617

CVE-2025-15617 concerns Wazuh v4.12.0, where a vulnerability in GitHub Actions workflow artifacts allows extraction of the GITHUB_TOKEN from uploaded artifacts. This exposed token, obtainable within a limited time window, could enable attackers to perform unauthorized actions such as pushing mali...

8.3CVSS5.9AI score0.00387EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessusadded 2025/11/24 12:0 a.m.2 views

Wazuh 4.4x < 4.9.1 Remote Code Execution

According to the self-reported version in its response header, the version of Wazuh hosted on the remote web server is 4.4.x prior to 4.9.1. It is, therefore, affected by a Remote Code Execution through an unsafe deserialization by anybody with API access. Note that the scanner has not tested for...

9.9CVSS7.6AI score0.92579EPSS
Exploits10References2
Rows per page
Query Builder