Bytecodealliance Security Vulnerabilities (CVEs)
Track 11 security vulnerabilities affecting Bytecodealliance products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A bug in Wasmtime's async component model implementation causes a panic when call_async futures are dropped before completion and then called again on...
Feb 24, 2026This vulnerability in Wasmtime's WASI HTTP implementation causes denial of service when excessive HTTP headers are processed. The runtime panics inste...
Feb 24, 2026This vulnerability in WebAssembly Micro Runtime (WAMR) allows a segmentation fault to be triggered via a specially crafted v128.store instruction in W...
Nov 25, 2025This vulnerability in WebAssembly Micro Runtime (WAMR) causes runtime hangs or crashes when executing WebAssembly programs with specific memory.fill i...
Sep 16, 2025The WebAssembly Micro Runtime's iwasm package in versions 2.4.0 and below incorrectly handles IPv4 addresses without subnet masks in the --addr-pool p...
Jul 29, 2025A NULL pointer dereference vulnerability in wasm-micro-runtime's block_type_get_result_types function allows attackers to cause denial of service or p...
Nov 8, 2024This vulnerability in Wasmtime's Windows filesystem sandbox allows untrusted WebAssembly programs to bypass device access restrictions by using supers...
Nov 5, 2024An out-of-bounds memory read vulnerability in Bytecode Alliance wasm-micro-runtime v2.0.0 allows remote attackers to cause denial of service by exploi...
May 6, 2024A heap overflow vulnerability in Bytecode Alliance's wasm-micro-runtime version 1.2.3 allows remote attackers to cause denial of service by exploiting...
Nov 22, 2023A memory corruption vulnerability in Wasmtime's Cranelift code generator allows WebAssembly modules to read/write memory beyond their allocated bounds...
Mar 8, 2023A code generation bug in Cranelift 0.73's x64 backend incorrectly sign-extends instead of zero-extends certain i32 values, potentially allowing WebAss...
May 24, 2021Why Monitor Bytecodealliance Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 11+ known vulnerabilities affecting Bytecodealliance products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Bytecodealliance packages in under 60 seconds. No agents required - completely agentless scanning that works across Bytecodealliance deployments.
Free vulnerability database: Access detailed information about every Bytecodealliance CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Bytecodealliance CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
