CVE-2026-26204 Wazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertData

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...

CVE-2026-26204

Wazuh versions 1.0.0–4.14.3 are affected by a heap-based out-of-bounds write in GetAlertData that writes a NULL byte 1 byte before the start of the buffer allocated by strdup, due to an unsigned underflow. This corrupts heap metadata and can allow a compromised agent to cause denial of service or...

CVE-2026-26204

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...

EUVD-2026-26259

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...

CVE-2026-26204 Wazuh: Heap-based NULL WRITE Buffer Underflow in GetAlertData

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...

CVE-2026-6253

creationtimestamp| type| source ---|---|--- 2026-04-29 07:06:00+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkmjxidnro2m 2026-04-29 07:10:54+00:00| seen| https://mastodon.social/users/bagder/statuses/116486743707813679 2026-04-29 07:11:04+00:00| seen|...

CVE-2026-40560

creationtimestamp| type| source ---|---|--- 2026-04-29 00:38:14+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkluc4fnnn2x 2026-04-29 00:38:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkluc5hnxw2k...

PT-2026-35961

Name of the Vulnerable Software and Affected Versions Wazuh versions 1.0.0 through 4.14.3 Description A heap-based out-of-bounds WRITE occurs in the GetAlertData function. This is caused by an unsigned integer underflow and pointer arithmetic wrapping, which results in a NULL byte being written...

CVE-2026-23561

creationtimestamp| type| source ---|---|--- 2026-04-28 18:38:06+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkla62aalt24 2026-04-29 01:49:24+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-citrix-xenserver 2026-04-29 12:45:36+00:00| seen|...

CVE-2026-7214

creationtimestamp| type| source ---|---|--- 2026-04-28 05:55:30+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mkjvkig2yj2x...

CVE-2026-30350

creationtimestamp| type| source ---|---|--- 2026-04-28 01:12:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjfpm5svr2q...

Towards Agentic Investigation of Security Alerts

Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually time-consuming. In this paper, we present an experimental, agentic...

CVE-2026-38935

creationtimestamp| type| source ---|---|--- 2026-04-27 09:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/81812 2026-04-27 15:00:08+00:00| published-proof-of-concept| Telegram/SPdUhd4HVoLIToB8DVWG5b4lXjNZTDUUT7OIICRBagRYmDU...

CVE-2026-3867

creationtimestamp| type| source ---|---|--- 2026-04-27 07:42:57+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-moxa-security-advisory-av26-393...

CVE-2026-7090 code-projects Chat System send_message.php cross site scripting

A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...

CVE-2026-7035

creationtimestamp| type| source ---|---|--- 2026-04-26 14:17:15+00:00| seen| https://mastodon.social/users/RedPacketSecurity/statuses/116471403743332437 2026-04-30 18:07:11+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkq7ekvz6p2u...

CVE-2026-41478

creationtimestamp| type| source ---|---|--- 2026-04-24 22:00:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkbjlqme3z2n 2026-04-28 16:07:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkkxq6o5ex2w 2026-04-28 16:07:10+00:00| seen|...

MAL-2026-3065 Malicious code in @m0ntana/app.web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ffd5d049b453ec288428ae1c5b369effbc0397e753720aeb3900a746bb83519 The package @m0ntana/app.web was found to contain malicious code. Source: ghsa-malware b7fdecb35a1116b81d1340d7d6cc748a050b4dde46beb279a40f6e049955ca...

GHSA-XHMJ-RG95-44HV

creationtimestamp| type| source ---|---|--- 2026-04-23 21:26:31+00:00| seen| Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNPPw...

CVE-2026-6886

creationtimestamp| type| source ---|---|--- 2026-04-23 00:58:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10863-2f48e-2.html 2026-04-23 11:16:37+00:00| seen| Telegram/wFSQsgW7X9YvnPcwQoIwWZcAEOwcl2-nLfGCKL8FlikswBY 2026-04-23 19:44:39+00:00| seen|...