PT-2026-25925 · Wazuh · Wazuh

Skraft9 · Published 2026-03-17 · Updated 2026-03-17 · CVE-2026-25772

CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Wazuh versions 4.4.0 through 4.14.2

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. A stack-based buffer overflow exists in the Wazuh Database synchronization module (wdb_delta_event.c). The SQL query construction logic allows for an integer underflow when calculating the remaining buffer size due to the incorrect aggregation of the return value of snprintf. If a database synchronization payload exceeds the query buffer size (2048 bytes), bounds checking is removed for subsequent writes, allowing an attacker to corrupt the stack, potentially leading to a Denial of Service (DoS) or Remote Code Execution (RCE).

Recommendations

Versions prior to 4.14.3 should be updated to version 4.14.3 or later.
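The bug class named in the description, as an added C illustration (not Wazuh's code and not part of this advisory): snprintf returns the length it wanted to write, so an unchecked running total can exceed the buffer and the unsigned "remaining" size wraps. The table name, column names and helper functions are constructed for the example; only the 2048-byte buffer size comes from the description.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define QUERY_CAP 2048 /* query buffer size given in the advisory */

/* Flawed bookkeeping, simulated without writing anything: snprintf returns
 * the length it WANTED to write, so summing it unchecked can push `used`
 * past `cap`, and the unsigned subtraction then wraps to a huge value. */
static size_t flawed_remaining(size_t cap, size_t ncols) {
    size_t used = 0;
    for (size_t i = 0; i < ncols; i++)
        used += (size_t)snprintf(NULL, 0, "c%zu = ?, ", i); /* measure only */
    return cap - used; /* wraps when used > cap */
}

/* Hardened append: advance `used` only if the whole fragment fit. */
static int append_checked(char *buf, size_t cap, size_t *used, const char *fmt, ...) {
    va_list ap;
    if (*used >= cap) return -1;
    va_start(ap, fmt);
    int n = vsnprintf(buf + *used, cap - *used, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap - *used) {
        buf[*used] = '\0'; /* discard the truncated fragment */
        return -1;
    }
    *used += (size_t)n;
    return 0;
}

/* Builds "UPDATE t SET c0 = ?, c1 = ?;" for ncols constructed columns.
 * Returns 0 on success, -1 if the query does not fit in `cap` bytes. */
static int build_query(char *buf, size_t cap, size_t ncols) {
    size_t used = 0;
    if (append_checked(buf, cap, &used, "UPDATE t SET ") != 0) return -1;
    for (size_t i = 0; i < ncols; i++)
        if (append_checked(buf, cap, &used, "c%zu = ?%s", i,
                           i + 1 < ncols ? ", " : ";") != 0)
            return -1;
    return 0;
}

int main(void) {
    char q[QUERY_CAP];
    printf("flawed remaining, 400 cols: %zu\n", flawed_remaining(QUERY_CAP, 400));
    printf("checked build, 400 cols: %d (kept %zu bytes)\n",
           build_query(q, sizeof q, 400), strlen(q));
    return 0;
}
```

The checked builder rejects the oversized input instead of continuing to write, which is the behaviour to look for when reviewing similar snprintf accumulation loops.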

Exploit

Fix

Integer Underflow

Stack Overflow


Weakness Enumeration

Related Identifiers

BDU:2026-05080
CVE-2026-25772
GHSA-H7VP-J34V-H6J5

Affected Products

Wazuh