Lucene search
K

4 matches found

OSV
OSV
added 2026/04/09 8:23 p.m.5 views

GHSA-Q49F-XG75-M9XW Wasmtime has host panic when Winch compiler executes `table.fill`

Impact Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture, and cause the host to panic. This represents a denial-of-service vulnerability i...

7.5CVSS5.8AI score0.00358EPSS
Exploits0References4
OSV
OSV
added 2026/04/09 7:16 p.m.4 views

DEBIAN-CVE-2026-34946

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture...

7.5CVSS5.4AI score0.00358EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/09 6:55 p.m.3 views

CVE-2026-35195

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings between components contains a bug where the return value of a guest component's realloc is not validated before the host attempts to write through the pointer. This...

6.1CVSS5.7AI score0.00216EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/04/09 6:29 p.m.8 views

CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

8.1CVSS5.5AI score0.00376EPSS
Exploits0
Rows per page
Query Builder