Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low impact on the availability of the authentication daemon.
{
"unresolved_ranges": [
{
"source": "AFFECTED_FIELD",
"extracted_events": [
{
"introduced": "3.5.0"
},
{
"last_affected": "3.5.0"
},
{
"introduced": "4.3.10"
},
{
"last_affected": "4.3.10"
}
]
}
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32984.json",
"cna_assigner": "VulnCheck",
"cwe_ids": [
"CWE-125"
]
}{
"source": [
"CPE_RANGE",
"CPE_STRING"
],
"cpe": [
"cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*",
"cpe:2.3:a:wazuh:wazuh:4.3.10:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "3.5.0"
},
{
"introduced": "4.3.10"
},
{
"last_affected": "4.3.10"
}
]
}