PT-2025-26237 · Unknown+1 · Webassembly Wabt+1

Jjleo

Published

2025-06-19

Updated

2025-07-02

CVE-2025-6275

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions WebAssembly wabt versions 1.0.37 and earlier

Description A vulnerability was found in the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Recommendations For versions 1.0.37 and earlier, consider updating to a version later than 1.0.37 to resolve the issue. As a temporary workaround, consider disabling the GetFuncOffset function until a patch is available.

Exploit

Fix

Use After Free

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-119

Related Identifiers

CVE-2025-6275

Affected Products

Debian

Webassembly Wabt

PT-2025-26237 · Unknown+1 · Webassembly Wabt+1

CVE-2025-6275

Weakness Enumeration

Related Identifiers

Affected Products

References · 17