CVE-2026-25771

Wazuh vulnerability CVE-2026-25771 affects versions 4.3.0 through prior to 4.14.3. The DoS arises in the API authentication middleware: the async Starlette/Asyncio loop calls a synchronous generate_keypair function that performs blocking disk I/O on every request with a Bearer token, allowing an ...

CVE-2026-25769

CVE-2026-25769 affects Wazuh versions 4.0.0–4.14.2 and is exploitable via Remote Code Execution due to Deserialization of Untrusted Data. In deployments using cluster mode (master/worker), a compromised worker node can achieve full RCE on the master with root privileges. The issue is fixed in ver...

CVE-2025-54065

GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control flow through crafted...

CVE-2021-35939 affecting package rpm 4.14.2-15

CVE-2021-35939 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...

CVE-2021-35937 affecting package rpm 4.14.2-15

CVE-2021-35937 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...

CVE-2021-35938 affecting package rpm 4.14.2-15

CVE-2021-35938 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...