Lucene search
K

5 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-58494

Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI guest with a read-only source file capability to overwrite...

6.5CVSS0.00119EPSS
Exploits0References9
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-58494 Wasmtime: WASI hard links bypass wasmtime-wasi's FilePerms for destination

Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI guest with a read-only source file capability to overwrite...

6.5CVSS0.00119EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-47261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ...

7.5CVSS6AI score0.00357EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 9:17 p.m.7 views

DEBIAN-CVE-2026-47261

Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 pathopen interfaces by...

7.5CVSS5.2AI score0.00357EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/24 12:0 a.m.4 views

Foxit Reader XFA preOpen Memory Error Referencing Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the preOpen event, which could allow the reuse of a pointer that has already been released in the hanging pointer. An attacker could execute arbitrary code in the current...

7.7AI score
Exploits0References1
Rows per page
Query Builder