Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

SUSE CVE
SUSE CVEadded 2026/04/14 11:25 p.m.5 views

SUSE CVE-2026-34987

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

9.9CVSS5.8AI score0.00058EPSS
Exploits0References3
OSV
OSVadded 2026/04/10 3:32 p.m.2 views

GHSA-F984-PCP8-V2P7 Wasmtime has improperly masked return value from `table.grow` with Winch compiler backend

Impact Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally in Winch, is tagged as a 64-bit value instead of a 32-bit value. This invalid...

6.1CVSS5.7AI score0.00054EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/09 6:54 p.m.3 views

CVE-2026-35186 Wasmtime has an improperly masked return value from `table.grow` with Winch compiler backend

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally i...

6.1CVSS5.7AI score0.00054EPSS
Exploits0References1
CVE
CVEadded 2026/04/09 6:54 p.m.8 views

CVE-2026-35186

Wasmtime vulnerable due to a Winch backend bug in table.grow (affecting 32-bit tables) that could mis-interpret the result and allow reads/writes to the 16 bytes before linear memory, causing DoS and potential host-data leakage. Affected versions: Wasmtime 25.0.0 up to before 36.0.7, 42.0.2, and ...

7.5CVSS5.8AI score0.00054EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/09 6:48 p.m.3 views

CVE-2026-34987 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

9CVSS5.8AI score0.00058EPSS
Exploits0References1
OSV
OSVadded 2026/04/09 12:0 p.m.1 views

RUSTSEC-2026-0095 Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xx5w-cvp6-jv83 For more information see the GitHub-hosted security advisory...

9CVSS5.8AI score0.00058EPSS
Exploits0References3
Rows per page
Query Builder