All 5 CVE vulnerabilities found in wasm-micro-runtime, with AI-generated Chinese analysis, references, and POCs.
Vendor: bytecodealliance
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64713 | WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode CWE-119 | 5.1 | Medium | 2025-11-25 |
| CVE-2025-64704 | WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction CWE-754 | 4.7 | Medium | 2025-11-25 |
| CVE-2025-58749 | WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode CWE-822 | 6.2AI | MediumAI | 2025-09-16 |
| CVE-2025-54126 | WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified CWE-668 | 9.1AI | CriticalAI | 2025-07-29 |
| CVE-2025-43853 | iwasm vulnerable to filesystem sandbox escape with symlink when using uvwasi feature CWE-61 | 6.5AI | MediumAI | 2025-05-15 |
All 5 known CVE vulnerabilities affecting wasm-micro-runtime with full Chinese analysis, references, and POCs where available.