CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/21 2:49 p.m.•4 views

MAL-2026-4762 Malicious code in pgrayy-wasmtime (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7c9cfd90d6de2acd86d50019dfa4a2b140ac9246fdcbae8d7aaa3d17bd4af6e The distribution is published as pgrayy-wasmtime but its toplevel.txt declares the top-level import name as wasmtime, and the entire Python source tr...

5.9AI score

OSSF Malicious Packages•added 2026/05/21 2:49 p.m.•8 views

Malicious code in pgrayy-wasmtime (PyPI)

5.9AI score

OSV•added 2026/05/21 12:0 p.m.•5 views

RUSTSEC-2026-0149 WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-2r75-cxrj-cmph For more information see the GitHub-hosted security advisory...

7.5CVSS5.8AI score

Exploits0References3

RustSec•added 2026/05/21 12:0 p.m.•10 views

WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

5.8AI score

Exploits0Affected Software1

Positive Technologies•added 2026/05/21 12:0 a.m.•8 views

PT-2026-42815

Name of the Vulnerable Software and Affected Versions wasmtime-wasi affected versions not specified Description An access control mechanism bypass exists when a filesystem preopen is configured with DirPerms::all and FilePerms::READ without FilePerms::WRITE. This allows bypassing restrictions by...

7.5CVSS5.8AI score

Exploits0References10

RedhatCVE•added 2026/05/15 12:0 p.m.•10 views

CVE-2026-44216

A flaw was found in Wasmtime, a runtime for WebAssembly. A remote attacker could exploit an arithmetic overflow vulnerability by instantiating a WebAssembly module or component that attempts to allocate an extremely large table using the WebAssembly memory64 proposal. This flaw causes Wasmtime to...

7.5CVSS5.8AI score0.00049EPSS

Exploits0References4

SUSE CVE•added 2026/05/15 1:58 a.m.•7 views

SUSE CVE-2026-44216

Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is...

NVD•added 2026/05/14 3:16 p.m.•8 views

Exploits0References3

CVE-2026-44216

7.5CVSS0.00049EPSS

UbuntuCve•added 2026/05/14 3:16 p.m.•7 views

CVE-2026-44216

OSV•added 2026/05/14 3:16 p.m.•4 views

UBUNTU-CVE-2026-44216

Vulnrichment•added 2026/05/14 2:54 p.m.•7 views

Exploits0References3

CVE-2026-44216 Wasmtime: Panic when allocating a table exceeding the size of the host's address space

5.9CVSS6AI score0.00049EPSS

Debian CVE•added 2026/05/14 2:54 p.m.•8 views

CVE-2026-44216

Cvelist•added 2026/05/14 2:54 p.m.•33 views

Exploits0

CVE-2026-44216 Wasmtime: Panic when allocating a table exceeding the size of the host's address space

5.9CVSS0.00049EPSS

CVE•added 2026/05/14 2:54 p.m.•7 views

CVE-2026-44216

Wasmtime (WebAssembly runtime) contains a vulnerability in its allocation logic for WebAssembly tables: checked arithmetic may panic on overflow when allocating extremely large tables (possible with memory64). Affects Wasmtime versions 30.0.0–36.0.8, 43.0.2, and 44.0.1. The panic occurs during cr...

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/14 2:54 p.m.•7 views

CVE-2026-44216

5.9CVSS6AI score0.00049EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/14 2:54 p.m.•8 views

EUVD-2026-30304

5.9CVSS6AI score0.00049EPSS