CVE-2026-34945

LOW EPSS 24.1%
Published Apr 9, 20262mo ago · Modified Jun 17, 20261w ago
2.3 CVSS 4.0
Low
Find Similar
Published Apr 9, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago

Description

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive data related to other host-originating operations which is not intended to be disclosed to guests. This bug specifically arose from a mistake where the return value of table.size was statically typed as a 32-bit integer, as opposed to consulting the table's index type to see how large the returned register could be. When combined with details about Wnich's ABI, such as multi-value returns, this can be combined to read stack data from the host, within a guest. This vulnerability is fixed in 36.0.7, 42.0.2, and 43.0.1.

CVSS Details

Base Score
2.3
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
24.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-681

Affected Products 3

VendorProductVersionRange
bytecodealliancewasmtime*≥25.0.0  –  <36.0.7
bytecodealliancewasmtime*≥37.0.0  –  <42.0.2
bytecodealliancewasmtime*≥43.0.0  –  <43.0.1

References 1

  • github.com https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.