CRITICAL10.0CVE-2024-51745Wasmtime doesn't fully sandbox all the Windows device filenames from 0, < 26.0.1+dfsg-1
CRITICAL9.9CVE-2026-34987Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access from 0
HIGH8.1Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding
from 0
HIGH7.8Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift
from 0
HIGH7.5Panic when allocating a table exceeding the size of the host's address space
from 0
HIGH7.5Host panic when Winch compiler executes `table.fill`
from 0
HIGH7.5Panic when lifting `flags` component value
from 0
HIGH7.5Panic adding excessive fields to a `wasi:http/types.fields` instance
from 0
MEDIUM6.5Host data leakage with 64-bit tables and Winch
from 0
MEDIUM6.5Panic when transcoding misaligned component model UTF-16 strings
from 0
MEDIUM6.5Guest-controlled resource exhaustion in WASI implementations
from 0
MEDIUM6.3Data leakage between pooling allocator instances
from 0
MEDIUM5.7Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64
from 0
MEDIUM5.5Wasmtime segfault or unused out-of-sandbox load with `f64.copysign` operator on x86-64
from 0, < 36.0.5+dfsg-1
MEDIUM5.5Runtime crash when combining tail calls with stack traces
from 0, < 21.0.2+dfsg-1
MEDIUM5.4Out-of-bounds write or crash when transcoding component model strings
from 0
MEDIUM5.0Use-after-free bug after cloning `wasmtime::Linker`
from 0
LOW3.5Host panic with `fd_renumber` WASIp1 function
from 0
LOW3.3Panic when using a dropped extenref-typed element segment
from 0, < 21.0.2+dfsg-1
LOW2.9Race condition could lead to WebAssembly control-flow integrity and type safety violations
from 0, < 21.0.2+dfsg-1
LOW2.2Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86\_64
from 0, < 15.0.0+dfsg-1
LOW1.8Unsound API access to a WebAssembly shared linear memory
from 0
—Improperly masked return value from `table.grow` with Winch compiler backend
from 0