Bytecodealliance Webassembly Micro Runtime — known CVE vulnerabilities
Every CVE whose affected-product data names Bytecodealliance Webassembly Micro Runtime, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2024-25431 — CVSS 7.8 (high): An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate…
CVE-2023-48105 — CVSS 7.5 (high): An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of…
CVE-2024-27532 — CVSS 7.5 (high): wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) 06df58f is vulnerable to NULL Pointer Dereference in function…
CVE-2024-34251 — CVSS 7.5 (high): An out-of-bound memory read vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to…
CVE-2024-34250 — CVSS 6.2 (medium): A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause…
CVE-2023-52284 — CVSS 5.5 (medium): Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for…
CVE-2025-43853 — CVSS 5.5 (medium): The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System…
CVE-2025-54126 — CVSS 5.3 (medium): The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System…
CVE-2025-58749 — CVSS 5.3 (medium): WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. In WAMR versions prior to 2.4.2, when running in…
CVE-2025-64713 — CVSS 5.1 (medium): WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior to version 2.4.4, an out-of-bounds array…
CVE-2025-64704 — CVSS 4.7 (medium): WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior to version 2.4.4, WAMR is susceptible to a…