Approved changes feed: RSS · Atom

cpe:2.3:a:wazuh:wazuh-agent:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorWazuh (a7402332-cdfc-5fc8-bb0e-3f511f6cb7fd)
ProductWazuh Agent (dd121c5a-a72e-530e-b6fe-369784235612)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-15616 vulnerable 2026-06-08 07:06:36.557842 Wazuh Agent and Manager OS Command Injection and Untrusted Search Path
MEDIUM (6.7)
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR script parameters. Attackers can exploit these vulnerabilities by injecting malicious commands through configuration files, SMTP server settings, and custom flags to achieve remote code execution on affected systems.
Published: 2026-03-27T16:38:20.559Z
Updated: 2026-03-27T19:46:04.116Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.