4.14.5 Release notes - 23 April 2026

This section lists the changes in version 4.14.5. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.

What's new

This release includes new features or enhancements as the following:

Wazuh agent

  • #34563 Changed the RHEL init script with the SUSE variant on SLES 11.

  • #34543 Changed the service check from WMI to sc.exe.

  • #34727 Changed Windows Syscollector to include command arguments.

Other

  • #34907 Updated the cryptography dependency to 46.0.5, the Werkzeug dependency to 3.1.6, the pip dependency to 26.0.1, and the wheel dependency to 0.46.3.

  • #35135 Updated the embedded Python to 3.10.20 and the pyjwt and pyasn1 dependencies.

  • #35331 Updated the cryptography and requests dependencies.

Resolved issues

This release resolves known issues as the following:

Wazuh manager

  • #34889 Fixed DAPI callable resolution to restrict invocations to exposed resources only.

  • #35173 #35412 Fixed uncontrolled memory allocation in the cluster caused by a crafted packet length.

  • #35077 Fixed rate limit bypass for the /events endpoint.

  • #35106 Fixed a buffer overflow in Analysisd regex match processing.

  • #35230 Fixed a path traversal in Authd via agent group name validation.

  • #35193 Fixed a size_t underflow in Remoted ReadSecMSG causing a potential heap overflow.

  • #35307 Fixed an RBAC bypass in DAPI allowing privilege escalation.

  • #35176 Fixed Analysisd plugin decoder argument alignment.

Wazuh agent

  • #34734 Fixed a Rootcheck false positive for /dev/.blkid.tab.

  • #34735 Fixed ORDER_REVERSAL deadlocks in FIM.

  • #34793 Fixed the Roundcube decoder regex to prevent srcip truncation in Failed login ... in session logs.

  • #34693 Fixed macOS Ventura SCA policy incorrectly passing pmset checks.

  • #34673 Fixed Office 365 integration pagination by trimming HTTP header values.

  • #34880 Fixed FIM false positives caused by a double readdir check.

  • #35285 Fixed the audit log cache overflow for events with many records in Logcollector.

  • #35110 Fixed the daily marker for the GuardDuty log collector.

  • #35297 Fixed Rootcheck not generating findings.

  • #35287 Fixed a heap buffer overflow in Syscheck registry wildcard expansion.

RESTful API

  • #34905 Fixed allow_higher_versions validation in the API upload_configuration.

  • #35224 Fixed the nested JSON depth limit in API request processing.

  • #35141 Fixed the upload size limit config mismatch.

Ruleset

  • #35088 Fixed a bug in CIS SCA checks 35675 and 35689 for Ubuntu 24.04.

  • #35089 Fixed Dovecot decoders to correctly extract the rip and lip fields.

Wazuh dashboard

  • #8130 Fixed the wazuh-core plugin startup timeout when configured API hosts are unreachable by making manageHosts.start() non-blocking.

  • #8133 Fixed security tables pagination to load all items beyond the 500-item limit (Users, Roles, Policies, Roles Mapping).

Changelogs

The repository changelogs provide more details about the changes.

Product repositories

Auxiliary repositories