Heap-Based Vulnerability in Wazuh Threat Detection Platform
CVE-2026-26204

4.4MEDIUM

Key Information:

Vendor: Wazuh
Status: Wazuh
Vendor: CVE Published:; 29 April 2026

What is CVE-2026-26204?

The vulnerability in Wazuh affects versions from 1.0.0 up to 4.14.3, where a heap-based out-of-bounds write occurs in the GetAlertData function. This issue leads to the writing of a NULL byte just before the allocated buffer, primarily due to unsigned integer underflow and pointer arithmetic wrapping. This flaw allows potential attackers to exploit the system through a compromised agent, which may inject malicious alerts into the monitored log file. Such actions can result in denial of service or heap corruption. The vulnerability has been addressed in version 4.14.4.

Affected Version(s)

wazuh >= 1.0.0, < 4.14.4

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-j...

x_refsource_CONFIRM

https://github.com/wazuh/wazuh/releases/tag/v4.14.4

x_refsource_MISC

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2026
Vulnerability Reserved
Feb 11, 2026

CVE-2026-26204 Data

JSON