Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/04/10 11:25 p.m.6 views

SUSE CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

5.3CVSS5.8AI score0.00376EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/09 11:0 p.m.5 views

CVE-2026-34941

A flaw was found in Wasmtime, a runtime for WebAssembly. When transcoding a UTF-16 string to the latin1+utf16 component-model encoding, Wasmtime incorrectly validates the byte length of the input string, checking the number of code units instead of the actual byte length. This vulnerability can...

8.1CVSS5.9AI score0.00376EPSS
Exploits0References4
CVE
CVE
added 2026/04/09 6:32 p.m.21 views

CVE-2026-34942

Wasmtime VM exposes a DoS risk due to a panic-triggering path when transcoding strings into utf16/latin1+utf16. Root cause: alignment verification for reallocated strings was improper, allowing unaligned pointers to be passed to the host by a malicious guest. Affected versions prior to fixed rele...

6.5CVSS5.9AI score0.00354EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.8 views

PT-2026-31680

Name of the Vulnerable Software and Affected Versions Wasmtime versions prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 Description Wasmtime contains an issue where transcoding a UTF-16 string to the latin1+utf16 component-model encoding incorrectly validates the byte length of the input string durin...

8.1CVSS5.8AI score0.00376EPSS
Exploits0References19
Rows per page
Query Builder