Description

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive data related to other host-originating operations which is not intended to be disclosed to guests. This bug specifically arose from a mistake where the return value of table.size was statically typed as a 32-bit integer, as opposed to consulting the table's index type to see how large the returned register could be. When combined with details about Wnich's ABI, such as multi-value returns, this can be combined to read stack data from the host, within a guest. This vulnerability is fixed in 36.0.7, 42.0.2, and 43.0.1.

INFO

Published Date :

2026-04-09T18:40:48.446Z

Last Modified :

2026-04-10T14:12:18.460Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-34945 vulnerability.

Vendors Products
Bytecodealliance
  • Wasmtime
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-34945.

URL Resource
https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability