Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1913+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. Security
  3. CVE-2026-56699: Critical NDJSON Injection in Wazuh Manager (CVSS 10.0)
CVE-2026-56699: Critical NDJSON Injection in Wazuh Manager (CVSS 10.0)

Critical Security Alert

This vulnerability is actively being exploited. Immediate action is recommended.

SECURITYCRITICALCVE-2026-56699

CVE-2026-56699: Critical NDJSON Injection in Wazuh Manager (CVSS 10.0)

CVSS 10.0 flaw in Wazuh Manager 5.0 beta lets enrolled agents inject NDJSON ops into OpenSearch under admin credentials, deleting logs and corrupting alerts.

Dylan H.

Security Team

July 16, 2026
3 min read

Affected Products

  • Wazuh Manager 5.0.0-beta1, 5.0.0-beta2

Overview

A critical vulnerability (CVSS 10.0) in Wazuh Manager 5.0 beta releases allows any enrolled agent — without authentication — to inject arbitrary NDJSON operations into the manager's OpenSearch bulk API requests. Tracked as CVE-2026-56699 and also published as GitHub Advisory GHSA-ff9g-85jq-r3g3, this flaw gives attacker-controlled agents the ability to delete security logs, tamper with vulnerability data, and inject malicious payloads into analyst dashboards — all executed under the manager's high-privilege OpenSearch admin credentials.

Affected Versions

  • Wazuh Manager 5.0.0-beta1
  • Wazuh Manager 5.0.0-beta2

Wazuh 4.x is not affected. The vulnerable code path lives in the new inventory synchronization pipeline introduced in the 5.0 beta series and does not exist in older branches.

Technical Details

The vulnerability resides in Wazuh 5.0's new inventory sync module (indexerConnectorSyncImpl.hpp). When agents forward flatbuffer data to the manager, the DataValue.index field is embedded directly into OpenSearch _bulk API NDJSON request bodies without escaping or input validation.

The _id field in the same code path is correctly sanitized — but _index is not. By embedding newline characters (\n) into the index field, an attacker can break out of the intended NDJSON structure and inject new, arbitrary operation lines. Those injected operations execute under the manager's OpenSearch credentials, which default to the admin account with the all_access role stored in the Wazuh keystore.

CWE Classifications

  • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
  • CWE-93: Improper Neutralization of CRLF Sequences (CRLF Injection)
  • CWE-863: Incorrect Authorization

Attack Vector

Exploitation requires no prior authentication. By default, wazuh-authd permits anonymous agent enrollment over standard agent communication channels (TCP ports 1514/1515). A proof-of-concept demonstrated full exploitation in under 10 seconds over those standard channels.

Attack Scenarios

  • Evidence destruction: Inject delete operations against wazuh-alerts-* indices to erase security event logs before or during an incident.
  • Data manipulation: Overwrite or corrupt vulnerability scan results and agent inventory data.
  • Persistent dashboard payloads: Inject malicious content into .kibana_1 dashboard objects, which analysts view during investigations.

Remediation

Upgrade to Wazuh Manager 5.0.0-beta3, which patches the vulnerability by properly escaping the _index field in the OpenSearch bulk request builder.

For environments that cannot immediately upgrade, the Wazuh team recommends a three-layer defence:

  1. Escape at the sink — Ensure all index name values are sanitized in indexerConnectorSyncImpl.hpp before inclusion in bulk requests.
  2. Boundary validation — Validate agent-supplied index names against an allowlist in inventorySyncFacade.hpp.
  3. Least-privilege credentials — Downscope the manager's OpenSearch keystore credentials from admin/all_access to the narrower wazuh-server role included in the OpenSearch security plugin.

Indicators of Compromise

Defenders running Wazuh 5.0 beta can monitor for anomalous bulk API operations against wazuh-alerts-* or .kibana_1 indices originating from agent communication channels. Unexpected index deletion events in OpenSearch audit logs are a strong indicator of active exploitation.

References

  • NVD — CVE-2026-56699
  • GitHub Advisory GHSA-ff9g-85jq-r3g3
  • GBHackers — Critical Wazuh Flaw Enables Threat Actors to Alter Alerts and Remove Logs
  • CybersecurityNews — Critical Wazuh Vulnerability Lets Attackers Tamper with Alerts
  • SecurityOnline — Critical Wazuh CVSS 10 Vulnerability Details and PoC Released
#CVE#Wazuh#SIEM#Injection#Critical#OpenSearch#Security Advisory

Related Articles

CVE-2026-25769: Wazuh Critical RCE via Insecure

A critical remote code execution vulnerability (CVSS 9.1) in Wazuh versions 4.0.0–4.14.2 allows an attacker with access to a worker node to achieve root...

6 min read

CVE-2026-25770: Wazuh Privilege Escalation to Root via Cluster Protocol File Write

A critical privilege escalation vulnerability (CVSS 9.1) in Wazuh versions 3.9.0–4.14.2 allows authenticated cluster nodes to overwrite the manager...

6 min read

CVE-2026-60090: PraisonAI SQL Injection via Unvalidated Dimension Parameter in Vector Store Backends

A CVSS 9.8 critical SQL injection vulnerability in PraisonAI before 4.6.78 allows attackers to exploit the unvalidated dimension argument in PGVector and...

3 min read
Back to all Security Alerts