CVE-2025-15412

Medium CVSS: 4.8

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Unfortunately, the project has no active maintainer at the moment. In a reply to the issue report somebody recommended to the researcher to provide a PR himself.

Vendor

Webassembly

Product

Wabt

CWE

CWE-119

Yayın Tarihi

2026-01-01 21:15:41

Güncelleme

2026-02-23 09:16:18

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Wabt MEDIUM Webassembly 2026

Referanslar

https://github.com/WebAssembly/wabt/ https://github.com/WebAssembly/wabt/issues/2678 https://github.com/oneafter/1208/blob/main/af1 https://vuldb.com/?ctiid.339333 https://vuldb.com/?id.339333 https://vuldb.com/?submit.719826

Benzer Kayıtlar

Medium

CVE-2025-15411

A weakness has been identified in WebAssembly wabt up to 1.0.39. This vulnerability affects the function wabt::AST::Inse…

Medium

CVE-2025-14956

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReade…

Medium

CVE-2025-14957

A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBu…

Medium

CVE-2025-6275

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulner…

Medium

CVE-2025-6274

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the funct…

Medium

CVE-2025-6273

A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the functio…