CVE-2026-32984
Modified Modified - Updated After Analysis
Heap-Buffer Overflow in Wazuh authd Causes Denial of Service

Publication date: 2026-03-27

Last updated on: 2026-05-26

Assigner: VulnCheck

Description
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low impact on the availability of the authentication daemon.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-27
Last Modified
2026-05-26
Generated
2026-06-16
AI Q&A
2026-03-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32984
EUVD
EUVD-2026-16688
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
wazuh wazuh to 3.5.0 (inc)
wazuh wazuh 4.3.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability in Wazuh authd causes a denial of service condition impacting availability but does not affect confidentiality or integrity of data.

Since the vulnerability does not compromise confidentiality or integrity, it is unlikely to directly violate compliance requirements related to data protection standards such as GDPR or HIPAA, which primarily focus on protecting personal data confidentiality and integrity.

However, the availability impact could affect service uptime, which may have indirect implications depending on the specific compliance requirements for system availability and resilience.

Mitigation Strategies

To mitigate the heap buffer overflow vulnerability in Wazuh authd (CVE-2026-32984), you should update the Wazuh authentication daemon to a version later than 3.5.0 or 4.3.10 where the issue is fixed.

Since the vulnerability allows denial of service via specially crafted input, restricting network access to the authentication daemon and monitoring for unusual authentication requests may help reduce exposure until an update is applied.

Executive Summary

CVE-2026-32984 is a heap buffer overflow vulnerability found in the Wazuh authentication daemon (wazuh-authd). This vulnerability occurs when specially crafted input is sent to the daemon, causing memory corruption and malformed heap data.

The issue is classified under CWE-125 (Out-of-bounds Read) and affects versions up to 3.5.0 and 4.3.10 of wazuh-authd.

Exploitation of this vulnerability can lead to a denial of service (DoS) condition, impacting the availability of the authentication service.

Impact Analysis

This vulnerability can be exploited by attackers to cause a denial of service (DoS) condition on the Wazuh authentication daemon.

The impact is limited to low availability, meaning the authentication service may become unavailable or disrupted temporarily.

There is no impact on confidentiality or integrity, so data leakage or unauthorized data modification is not a concern with this vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32984. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart