CVE-2026-32984
Heap-Buffer Overflow in Wazuh authd Causes Denial of Service
Publication date: 2026-03-27
Last updated on: 2026-03-31
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | to 3.5.0 (inc) |
| wazuh | wazuh | 4.3.10 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in Wazuh authd causes a denial of service condition impacting availability but does not affect confidentiality or integrity of data.
Since the vulnerability does not compromise confidentiality or integrity, it is unlikely to directly violate compliance requirements related to data protection standards such as GDPR or HIPAA, which primarily focus on protecting personal data confidentiality and integrity.
However, the availability impact could affect service uptime, which may have indirect implications depending on the specific compliance requirements for system availability and resilience.
Can you explain this vulnerability to me?
CVE-2026-32984 is a heap buffer overflow vulnerability found in the Wazuh authentication daemon (wazuh-authd). This vulnerability occurs when specially crafted input is sent to the daemon, causing memory corruption and malformed heap data.
The issue is classified under CWE-125 (Out-of-bounds Read) and affects versions up to 3.5.0 and 4.3.10 of wazuh-authd.
Exploitation of this vulnerability can lead to a denial of service (DoS) condition, impacting the availability of the authentication service.
How can this vulnerability impact me? :
This vulnerability can be exploited by attackers to cause a denial of service (DoS) condition on the Wazuh authentication daemon.
The impact is limited to low availability, meaning the authentication service may become unavailable or disrupted temporarily.
There is no impact on confidentiality or integrity, so data leakage or unauthorized data modification is not a concern with this vulnerability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the heap buffer overflow vulnerability in Wazuh authd (CVE-2026-32984), you should update the Wazuh authentication daemon to a version later than 3.5.0 or 4.3.10 where the issue is fixed.
Since the vulnerability allows denial of service via specially crafted input, restricting network access to the authentication daemon and monitoring for unusual authentication requests may help reduce exposure until an update is applied.