Heap Buffer Overflow in Wazuh Analysis Tool by Wazuh
CVE-2025-59938

6.5 MEDIUM

Key Information:

Vendor

Wazuh

Status
Vendor
CVE Published: 27 September 2025

What is CVE-2025-59938?

Wazuh, a popular free and open source platform for threat prevention, detection, and response, is affected by a heap buffer overflow vulnerability. The flaw occurs while parsing XML elements from Windows EventChannel messages in versions 3.8.0 through 4.10.0. Potentially malicious XML input can cause unexpected behavior or crashes in the application. Users should upgrade to version 4.11.0 or later, where the issue is resolved.

Affected Version(s)

wazuh >= 3.8.0, < 4.11.0

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
