浏览 40+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35195 | Wasmtime has an out-of-bounds write or crash when transcoding component model strings | bytecodealliance | wasmtime | - | - | 2026-04-09 18:55:56 | Deep Dive |
| CVE-2026-35186 | Wasmtime has an improperly masked return value from `table.grow` with Winch compiler backend | bytecodealliance | wasmtime | - | - | 2026-04-09 18:54:49 | Deep Dive |
| CVE-2026-34988 | Wasmtime leaks data between pooling allocator instances | bytecodealliance | wasmtime | - | - | 2026-04-09 18:52:26 | Deep Dive |
| CVE-2026-34987 | Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access | bytecodealliance | wasmtime | - | - | 2026-04-09 18:48:34 | Deep Dive |
| CVE-2026-34983 | Wasmtime has a use-after-free bug after cloning `wasmtime::Linker` | bytecodealliance | wasmtime | - | - | 2026-04-09 18:47:27 | Deep Dive |
| CVE-2026-34971 | Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift | bytecodealliance | wasmtime | - | - | 2026-04-09 18:45:45 | Deep Dive |
| CVE-2026-34946 | Wasmtime's host panics when Winch compiler executes `table.fill` | bytecodealliance | wasmtime | - | - | 2026-04-09 18:43:39 | Deep Dive |
| CVE-2026-34945 | Wasmtime leaks host data with 64-bit tables and Winch | bytecodealliance | wasmtime | - | - | 2026-04-09 18:40:48 | Deep Dive |
| CVE-2026-34944 | Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64 | bytecodealliance | wasmtime | - | - | 2026-04-09 18:38:16 | Deep Dive |
| CVE-2026-34943 | Wasmtime panics when lifting `flags` component value | bytecodealliance | wasmtime | - | - | 2026-04-09 18:36:51 | Deep Dive |
| CVE-2026-34942 | Wasmtime panics when transcoding misaligned utf-16 strings | bytecodealliance | wasmtime | - | - | 2026-04-09 18:32:56 | Deep Dive |
| CVE-2026-34941 | Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding | bytecodealliance | wasmtime | - | - | 2026-04-09 18:29:31 | Deep Dive |
| CVE-2026-27572 | Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance | bytecodealliance | wasmtime | 高危 | - | 2026-02-24 21:31:50 | Deep Dive |
| CVE-2026-27204 | Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion | bytecodealliance | wasmtime | 中危 | - | 2026-02-24 21:23:47 | Deep Dive |
| CVE-2026-27195 | Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future | bytecodealliance | wasmtime | 高危 | - | 2026-02-24 21:15:20 | Deep Dive |
| CVE-2026-24116 | Wasmtime segfault or unused out-of-sandbox load with f64.copysign operator on x86-64 | bytecodealliance | wasmtime | - | - | 2026-01-27 18:58:52 | Deep Dive |
| CVE-2025-64345 | Wasmtime provides unsound API access to a WebAssembly shared linear memory | bytecodealliance | wasmtime | Low | 1.8 | 2025-11-12 21:25:51 | Deep Dive |
| CVE-2025-62711 | Wasmtime vulnerable to segfault when using component resources | bytecodealliance | wasmtime | 中危 | - | 2025-10-24 21:54:53 | Deep Dive |
| CVE-2025-61670 | Wasmtime has memory leak in C API with `externref` and `anyref` types | bytecodealliance | wasmtime | - | - | 2025-10-07 18:49:54 | Deep Dive |
| CVE-2025-53901 | Wasmtime has host panic with `fd_renumber` WASIp1 function | bytecodealliance | wasmtime | Low | 3.5 | 2025-07-18 17:10:12 | Deep Dive |