CVE-2026-34942

A flaw was found in Wasmtime, a runtime for WebAssembly. This vulnerability allows a malicious guest to trigger a host panic by improperly verifying the alignment of reallocated strings during transcoding. By transferring specific strings across components, an attacker can exploit this to cause a...

CVE-2026-34942

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

wasmtime 输入验证错误漏洞

Wasmtime is a lightweight WebAssembly runtime open source by the Bytecode Alliance. Versions of Wastime prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the improper validation of the alignment of reallocated...

OpenVMPSd 1.3 - Remote Format String

/ gexp-openvmpsd.c OpenVMPSd v1.3 Remote Format String Exploit Copyright C 2005 Gotfault Security Bug found and developed by: barros and xgc Original Reference: http://gotfault.net/research/exploit/gexp-openvmpsd.c / include include include include include include include include include include...