Vulnerabilidades em bytecodealliance
50 resultadosCVE-2026-27195MEDIUMWasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` futureEPSS 0.4%CVE-2026-34946MEDIUMWasmtime's host panics when Winch compiler executes `table.fill`EPSS 0.4%CVE-2026-47261HIGHWasmtime: WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restrictionEPSS 0.4%CVE-2026-34942MEDIUMWasmtime panics when transcoding misaligned utf-16 stringsEPSS 0.4%CVE-2026-27204MEDIUMWasmtime WASI implementations are vulnerable to guest-controlled resource exhaustionEPSS 0.3%CVE-2025-58749LOWWAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT modeEPSS 0.3%CVE-2026-34945LOWWasmtime leaks host data with 64-bit tables and WinchEPSS 0.3%CVE-2026-34943MEDIUMWasmtime panics when lifting `flags` component valueEPSS 0.3%CVE-2024-30266LOWWasmtime vulnerable to panic when using a dropped extenref-typed element segmentEPSS 0.3%CVE-2022-39394LOWwasmtime_trap_code C API function has out of bounds write vulnerabilityEPSS 0.3%CVE-2025-53901LOWWasmtime has host panic with `fd_renumber` WASIp1 functionEPSS 0.3%CVE-2021-39216MEDIUMUse after free passing `externref`s to Wasm in WasmtimeEPSS 0.3%CVE-2021-39219MEDIUMWrong type for `Linker`-define functions when used across two `Engine`sEPSS 0.3%CVE-2021-39218MEDIUMOut-of-bounds read/write and invalid free with `externref`s and GC safepoints in WasmtimeEPSS 0.3%CVE-2026-34988LOWWasmtime leaks data between pooling allocator instancesEPSS 0.3%CVE-2025-64713MEDIUMWebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcodeEPSS 0.3%CVE-2026-34987CRITICALWasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory accessEPSS 0.3%CVE-2026-34971CRITICALWasmtime miscompiled guest heap access enables sandbox escape on aarch64 CraneliftEPSS 0.3%CVE-2024-47763MEDIUMWasmtime runtime crash when combining tail calls with trapping importsEPSS 0.2%CVE-2026-44216MEDIUMWasmtime: Panic when allocating a table exceeding the size of the host's address spaceEPSS 0.2%