Home / Vulnerability Intelligence / CVE-2026-28221

CVE-2026-28221 - Vulnerability Analysis

MediumCVSS: 6.5

Last Updated: April 30, 2026

Wazuh - Buffer Overflow

Published: April 29, 2026Updated: April 30, 2026PoC AvailableRemote Exploitable

Overview

Wazuh 4.8.0 to < 4.14.4 contains a stack-based buffer overflow caused by sign-extended byte formatting in print_hex_string() in wazuh-remoted, letting remote attackers cause out-of-bounds write and log amplification via unauthenticated TCP/1514 messages.

Severity & Score

Severity: Medium

CVSS Score: 6.5

Impact

Remote attackers can cause buffer overflow leading to potential denial of service and log amplification that degrades monitoring and consumes disk resources.

Mitigation

Upgrade to version 4.14.4 or later.

References

https://github.com/wazuh/wazuh/releases/tag/v4.14.4
https://github.com/wazuh/wazuh/security/advisories/GHSA-q9vv-7w4c-f4cm

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-28221
Severity: Medium
CVSS Score: 6.5
Type: buffer_overflow
Status: confirmed

CWE

CWE-121

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L