PT-2026-1029 · Wasm3 · Wasm3
Oneafter
·
Published
2026-01-01
·
Updated
2026-01-02
·
CVE-2025-15413
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
wasm3 versions up to 0.5.0
Description
A flaw exists in wasm3 that could lead to memory corruption. The issue is related to the
op SetSlot i32/op CallIndirect function within the m3 exec.h file. Manipulation of this function can trigger the issue. The exploit is publicly available and requires local access.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wasm3