7.5
CVE-2026-44216
- EPSS 0.32%
- Veröffentlicht 14.05.2026 14:54:32
- Zuletzt bearbeitet 13.07.2026 13:16:41
- CVE-Watchlists
- Unerledigt
Wasmtime: Panic when allocating a table exceeding the size of the host's address space
Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is allocated. This is possible with the WebAssembly memory64 proposal where tables can have sizes in the 64-bit range as opposed to the previous 32-bit range which would not overflow. The panic happens when attempting to create a very large table, such as when instantiating a WebAssembly module or component. This vulnerability is fixed in 36.0.8, 43.0.2, and 44.0.1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bytecodealliance ≫ Wasmtime SwPlatformrust Version >= 30.0.0 < 36.0.8
Bytecodealliance ≫ Wasmtime SwPlatformrust Version >= 37.0.0 < 43.0.2
Bytecodealliance ≫ Wasmtime Version44.0.0 SwPlatformrust
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.236 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| security-advisories@github.com | 5.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
https://bugzilla.redhat.com/show_bug.cgi?id=2477467
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44216.json
https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-p8xm-42r7-89xg
https://access.redhat.com/errata/RHSA-2026:38187
https://access.redhat.com/security/cve/CVE-2026-44216