Description
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Published: 2026-07-08
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References

No reference.

History

Wed, 15 Jul 2026 12:30:00 +0000

Type Values Removed Values Added
Title Wazuh - NULL Pointer Dereference in inventory_sync DataValue FlatBuffer Handling
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 15 Jul 2026 12:00:00 +0000

Type Values Removed Values Added
Description Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null pointer dereference vulnerability in inventory_sync FlatBuffer DataValue handling. An enrolled agent can send a verifier-valid DataValue message omitting the optional id field, causing wazuh-modulesd to crash when dereferencing data->id()->string_view() without null validation, resulting in denial of service. This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Weaknesses CWE-476
CPEs cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


Wed, 08 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 08 Jul 2026 14:15:00 +0000

Type Values Removed Values Added
Description Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null pointer dereference vulnerability in inventory_sync FlatBuffer DataValue handling. An enrolled agent can send a verifier-valid DataValue message omitting the optional id field, causing wazuh-modulesd to crash when dereferencing data->id()->string_view() without null validation, resulting in denial of service.
Title Wazuh - NULL Pointer Dereference in inventory_sync DataValue FlatBuffer Handling
First Time appeared Wazuh
Wazuh wazuh
Weaknesses CWE-476
CPEs cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*
Vendors & Products Wazuh
Wazuh wazuh
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: REJECTED

Assigner: VulnCheck

Published:

Updated: 2026-07-15T11:42:41.971Z

Reserved: 2026-06-21T12:37:58.435Z

Link: CVE-2026-56401

cve-icon Vulnrichment

Updated:

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-15T07:00:04Z

Weaknesses

No weakness.