WebAssembly Wabt Heap-Based Buffer Overflow Vulnerability in Wasm-Decompile Component
Vulnerability
A heap-buffer-overflow vulnerability has been identified in WABT (the WebAssembly Binary Toolkit) versions through 1.0.39, specifically within the wasm-decompile tool. The issue arises in the function wabt::AST::InsertNode, where memory corruption occurs due to improper handling of a std::vector during reallocation. This vulnerability can be exploited locally, leading to potential memory corruption and Denial-of-Service conditions.
Impact
Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to memory corruption and potentially allow for arbitrary code execution.
Reproduction
The vulnerability can be reproduced by running the wasm-decompile tool on a specific WebAssembly binary that triggers the heap-buffer-overflow. The tool must be compiled with AddressSanitizer enabled; AddressSanitizer then reports the memory corruption error when that input is processed.
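For triaging fuzzer or CI crashes against this advisory, the following added example (not part of the original advisory and not wabt code) parses an AddressSanitizer text report and checks for a heap-buffer-overflow with wabt::AST::InsertNode in the crash stack. The sample report is constructed with placeholder addresses and frames, and the function names parse_asan and matches_insertnode_overflow are hypothetical.

```python
import re

# Constructed ASan report for illustration: addresses, source locations and
# the neighbouring frames are placeholders, not output captured from wabt.
SAMPLE_REPORT = """\
==1==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x000000000000 at pc 0x000000000000 bp 0x000000000000 sp 0x000000000000
READ of size 8 at 0x000000000000 thread T0
    #0 0x000000000000 in placeholder_callee() <placeholder>:0
    #1 0x000000000000 in wabt::AST::InsertNode(placeholder) <placeholder>:0
    #2 0x000000000000 in main <placeholder>:0

0x000000000000 is located 0 bytes after 64-byte region [0x0,0x0)
allocated by thread T0 here:
    #0 0x000000000000 in operator new(unsigned long) <placeholder>:0
"""

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+) on address")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+)", re.M)
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (.+?) \S+$", re.M)

def parse_asan(report):
    """Return (bug_type, access_kind, crash_frames), or None if not ASan."""
    header = HEADER.search(report)
    if not header:
        return None
    access = ACCESS.search(report, header.end())
    start = access.end() if access else header.end()
    # The crash stack is the first block of frames and ends at a blank line,
    # so frames from the later "allocated by"/"freed by" stacks are excluded.
    crash_block = report[start:].split("\n\n", 1)[0]
    frames = [m.group(2) for m in FRAME.finditer(crash_block)]
    return header.group(1), access.group(1) if access else None, frames

def matches_insertnode_overflow(report, depth=8):
    """True for a heap-buffer-overflow whose crash stack contains
    wabt::AST::InsertNode within the top `depth` frames (callee frames
    such as container internals may sit above it)."""
    parsed = parse_asan(report)
    if parsed is None:
        return False
    bug_type, _access, frames = parsed
    return bug_type == "heap-buffer-overflow" and any(
        "wabt::AST::InsertNode(" in f for f in frames[:depth])
```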
