Nahid Hasan
unread,Jul 8, 2026, 2:10:13 AM (11 days ago) Jul 8Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Wazuh | Mailing List
Hello there,
I am running Wazuh agent v4.13 on one of my Debian 13 machines, where the package libsnd version 1.2.2-2+deb13u1 is installed.
I recently found that CVE-2026-37555 is reported for this package on the Debian security site. I have attached a screenshot from the Debian site for reference.
However, when I checked the same host in Wazuh CTI, it shows the package as unaffected. I have also attached a second screenshot showing the Wazuh result.
Could you please clarify whether this is expected behavior? Is this CVE mapped differently in Wazuh, or could there be a mismatch in the vulnerability feed or package version detection?
Thank you for your help.
Regards,
Nahid Hasan