Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 17 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 17 Jul 2026 02:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wazuh
Wazuh wazuh |
|
| Vendors & Products |
Wazuh
Wazuh wazuh |
Fri, 17 Jul 2026 00:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.6.0 and above prior to 4.14.5 contain a heap-based buffer overflow vulnerability in the syscheck component of the Wazuh agent for Windows. When expanding registry paths containing wildcards (* or ?), the agent allocates a fixed-size heap buffer of 256 bytes (OS_SIZE_256). By creating a registry subkey with a maximum allowed length (255 characters) inside a monitored path, a low-privileged local attacker can force an out-of-bounds write during string concatenation. Since wazuh-agent.exe runs as NT AUTHORITY\SYSTEM, this can lead to a silent Denial of Service (blinding the agent) or potentially Local Privilege Escalation (LPE). This issue has been fixed in version 4.14.5. | |
| Title | Wazuh: Heap-based Buffer Overflow in syscheck Registry Wildcard Expansion (LPE / DoS) | |
| Weaknesses | CWE-122 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-17T14:31:32.183Z
Reserved: 2026-04-09T01:41:38.536Z
Link: CVE-2026-40106
Updated: 2026-07-17T14:31:00.758Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-17T02:30:08Z