← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-24016 — Actively Exploited: Wazuh Server (Wazuh)

Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.

CVE IDCVE-2025-24016
VendorWazuh
ProductWazuh Server
Vulnerability nameWazuh Server Deserialization of Untrusted Data Vulnerability
Date added2025-06-10
Remediation due2025-07-01
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionWazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →