CVE-2026-39359
CVE-2026-39359 affects Wazuh Manager components authd and remoted. In vulnerable releases (4.0.0–4.10.3 and 4.11.0–4.14.4), the enrollment flow lets agents choose a group during enrollment without properly filtering path traversal sequences like “...”. The manager validates the group directory wi...