CVE-2026-34945

EPSS 0.01%
Veröffentlicht 09.04.2026 19:16:24
Zuletzt bearbeitet 20.04.2026 18:26:39
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Wasmtime leaks host data with 64-bit tables and Winch

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive data related to other host-originating operations which is not intended to be disclosed to guests. This bug specifically arose from a mistake where the return value of table.size was statically typed as a 32-bit integer, as opposed to consulting the table's index type to see how large the returned register could be. When combined with details about Wnich's ABI, such as multi-value returns, this can be combined to read stack data from the host, within a guest. This vulnerability is fixed in 36.0.7, 42.0.2, and 43.0.1.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 3 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bytecodealliance ≫ Wasmtime SwPlatformrust Version >= 25.0.0 < 36.0.7

Bytecodealliance ≫ Wasmtime SwPlatformrust Version >= 37.0.0 < 42.0.2

Bytecodealliance ≫ Wasmtime SwPlatformrust Version >= 43.0.0 < 43.0.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.027

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
security-advisories@github.com	2.3	0	0	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-681 Incorrect Conversion between Numeric Types

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-34945

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-34945

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-34945

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-34945