Please refer to the Bytecode Alliance security policy for details on how to report security issues in WebAssembly Micro Runtime, our disclosure policy, and how to receive notifications about security issues.
Security: bytecodealliance/wasm-micro-runtime
Security
SECURITY.md
-
Segmentation fault in v128.store instructionGHSA-2f2p-wf5w-82qr published
Nov 25, 2025 by lum1n0usModerate -
frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcodeGHSA-gvx3-gg3x-rjcx published
Nov 25, 2025 by lum1n0usModerate -
When `address >= 2GiB` in `memory.fill` , `iwasm` cannot exit normally in `LLVM-JIT` mode.GHSA-xj5p-r8jq-pw47 published
Sep 16, 2025 by lum1n0usModerate -
`--addr-pool` option allows all IPv4 addresses when subnet mask is not specifiedGHSA-vh64-mfvw-pxqp published
Jul 29, 2025 by lum1n0usModerate -
Filesystem sandbox escape with symlink when using uvwasi featureGHSA-8fc8-4g25-c8m7 published
May 15, 2025 by lum1n0usHigh
Learn more about advisories related to bytecodealliance/wasm-micro-runtime in the GitHub Advisory Database