Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

140 matches found

CVE
CVEadded 2026/04/29 5:53 p.m.6 views

CVE-2026-28221

CVE-2026-28221 – Wazuh pre-auth stack-based buffer overflow is confirmed in wazuh-remoted’s print_hex_string(). From versions 4.8.0 to before 4.14.4, attacker-controlled bytes are formatted with sprintf(dst_buf + 2*i, "%.2x", src_buf[i]) on signed-char platforms, causing sign-extension and an out...

8.2CVSS5.9AI score0.00098EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.3 views

PT-2026-35966

Name of the Vulnerable Software and Affected Versions Wazuh versions 4.8.0 through 4.14.3 Description A stack-based buffer overflow exists in the print hex string function within wazuh-remoted. This occurs when formatting attacker-controlled bytes using sprintf on platforms where char is treated ...

6.5CVSS5.9AI score0.00098EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/03/17 6:2 p.m.19 views

CVE-2026-25770 Wazuh has Privilege Escalation to Root via Cluster Protocol File Write

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The wazuh-clusterd service allows authenticated...

9.1CVSS0.00072EPSS
Exploits1References1
OSV
OSVadded 2026/03/17 6:2 p.m.0 views

CVE-2026-25770 Wazuh has Privilege Escalation to Root via Cluster Protocol File Write

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The wazuh-clusterd service allows authenticated...

9.1CVSS6AI score0.00072EPSS
Exploits1References3
CVE
CVEadded 2026/03/17 6:2 p.m.24 views

CVE-2026-25770

Affected software : Wazuh Manager (cluster synchronization protocol). Vulnerability details : In versions 3.9.0 up to just before 4.14.3, authenticated nodes can abuse the cluster protocol to write arbitrary files on the manager filesystem as the wazuh user. The insecure permissions let the wazuh...

9.1CVSS6AI score0.00072EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/17 12:0 a.m.0 views

PT-2026-25923

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The wazuh-clusterd service allows authenticated...

9.1CVSS6AI score0.00072EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2020-29311

Malware in sbrugna...

10CVSS9AI score0.00988EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-11350

Malware in sbrugna...

7.8CVSS7.7AI score0.00024EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-29309

Malware in sbrugna...

9.8CVSS9AI score0.00756EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-5829

Malware in sbrugna...

6.1CVSS6.3AI score0.00514EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-29310

Malware in sbrugna...

9.8CVSS9AI score0.00854EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2020-29313

Malware in sbrugna...

9.8CVSS9AI score0.00854EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-5175

Malware in sbrugna...

7.2CVSS6.3AI score0.09659EPSS
Exploits3References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-29308

Malware in sbrugna...

8.8CVSS8.4AI score0.00728EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-29312

Malware in sbrugna...

5.5CVSS5.5AI score0.00185EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-14747

Malware in sbrugna...

7.5CVSS7.5AI score0.0028EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-29314

Malware in sbrugna...

5.5CVSS5.5AI score0.00143EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2015-3282

Malware in sbrugna...

7CVSS6.7AI score0.00477EPSS
Exploits4References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-17009

Malicious code in bioql PyPI...

9.5CVSS6.5AI score0.01023EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/06/13 3:24 a.m.3 views

CVE-2024-1244

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS7.6AI score0.01023EPSS
Exploits0References1
Rows per page
Query Builder