CVE-2025-15411

Name of the Vulnerable Software and Affected Versions WebAssembly wabt versions up to 1.0.39

Description A memory corruption issue exists in WebAssembly wabt. The issue is related to the wabt::AST::InsertNode function within the /src/repro/wabt/bin/wasm-decompile file of the wasm-decompile component. This manipulation can lead to memory corruption and is potentially exploitable on the local host. The exploit has been publicly released. The project currently lacks active maintenance.

Recommendations Versions prior to 1.0.39 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.