No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Wed, 15 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 15 Jul 2026 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Wazuh Manager before 5.0.0-beta3 fails to escape the DataValue.index field when constructing OpenSearch bulk requests, allowing enrolled agents to inject arbitrary NDJSON operations. Attackers can smuggle delete, index, or update operations into bulk requests executed under the manager's admin credentials, enabling document deletion, alert tampering, and cross-agent SIEM state manipulation. | |
| Title | Wazuh Manager - NDJSON Injection in inventory_sync via Agent-Controlled DataValue.index | |
| First Time appeared |
Wazuh
Wazuh wazuh |
|
| Weaknesses | CWE-74 | |
| CPEs | cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Wazuh
Wazuh wazuh |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-15T12:42:22.159Z
Reserved: 2026-06-22T17:09:16.556Z
Link: CVE-2026-56699
Updated: 2026-07-15T12:42:05.172Z
No data.
No data.
OpenCVE Enrichment
No data.