Vulnerability Description
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist in parse_uname_string() (remoted_op.c). This function processes OS identification data from agents and contains a dangerous code pattern that appears in 4 locations within the same function: writing to strlen(ptr) - 1 without checking for empty strings. When the string is empty, strlen() returns 0, and 0 - 1 wraps to SIZE_MAX due to unsigned integer underflow. Due to pointer arithmetic wrapping, SIZE_MAX effectively becomes -1, causing a write exactly 1 byte before the allocated buffer. This corrupts heap metadata (e.g., the chunk size field in glibc malloc), leading to heap corruption. This issue has been patched in version 4.14.4.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wazuh | Wazuh | >= 4.0.0, < 4.14.4 |
Related Weaknesses (CWE)
References
- https://github.com/wazuh/wazuh/releases/tag/v4.14.4Release Notes
- https://github.com/wazuh/wazuh/security/advisories/GHSA-qvqj-p8mm-r7h3Vendor Advisory
- https://github.com/wazuh/wazuh/security/advisories/GHSA-qvqj-p8mm-r7h3Vendor Advisory
FAQ
What is CVE-2026-41499?
CVE-2026-41499 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist...
How severe is CVE-2026-41499?
CVE-2026-41499 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-41499?
Check the references section above for vendor advisories and patch information. Affected products include: Wazuh Wazuh.