Wazuh v4.14.2 released

By SecBurg

18. Jan 2026

Wazuh screenshot

Wazuh is an open-source security solution offering integrated XDR and SIEM capabilities to protect endpoints and cloud-based workloads.

The latest version 4.14.2 is mainly a maintenance and bugfix release:

Wazuh v4.14.2 Latest

Manager
Fixed

Prevented Azure Log Analytics bookmarks from being overwritten across similar configurations. (#33046)
Fixed discrepancy in the API certificate files. (#33330)
Made analysisd ruleset reload endpoints fully asynchronous to avoid blocking the API event loop. (#33589)
Improved analysisd ruleset hot reload performance. (#33580)
Avoided using systemctl in restart scripts when systemd is not running as PID 1. (#33602)

Agent
Added

Added detection of the -a never,task Audit rule in FIM whodata for Linux. (#33313)

Fixed

Fixed Windows agent remote upgrade (WPK) when installed in a custom directory. (#33171)
Fixed a package issue causing upgrades to fail when the shared directory contained subdirectories. (#33182)
Fixed FIM issue preventing whodata from working on systems with /var and /etc mounted on different volumes. (#33270)
Optimized user and group inventory performance in Syscollector on Windows Domain Controllers. (#33322)
Fixed an agent bug that prevented directories from being received in the remote configuration. (#33227)
Silenced agent log message about failing to connect to Active Response when it is disabled. (#33343)

Ruleset
Added

Added SCA Policy for Microsoft Windows Server 2025. (#32856)

Changed

Fixed bug in multiple macOS SCA checks. (#33202)

Fixed

Fixed indentation issue in the SCA policy for Windows 10 Enterprise that prevented its execution. (#33361)

Other
Changed

Upgraded the starlette dependency to 0.49.1. (#33069)

Read the installation guide if you want to try it out.

Tools
News