CVE-2025-15411 | WebAssembly wabt up to 1.0.39 wasm-decompile wabt::AST::InsertNode memory corruption (Issue 2679)

A vulnerability classified as critical has been found in WebAssembly wabt up to 1.0.39. This vulnerability affects the function wabt::AST::InsertNode of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. This manipulation causes memory corruption.

This vulnerability is handled as CVE-2025-15411. It is possible to launch the attack on the local host. Additionally, an exploit exists.

Unfortunately, the project has no active maintainer at the moment. In a reply to the issue report somebody recommended to the researcher to provide a PR himself.

CVE-2025-15411 | WebAssembly wabt up to 1.0.39 wasm-decompile wabt::AST::InsertNode memory corruption (Issue 2679)

Post correlati

CVE-2024-25604 | Liferay Portal/DXP User/Organizations Section authorization

CVE-2025-12818 | PostgreSQL up to 18.0 libpq Client Library integer overflow

CVE-2024-30170 | PrivX up to 31.2/32.2/33.0 REST API denial of service

CVE-2023-37544 | Apache Pulsar WebSocket Proxy up to 2.8.x/2.9.x/2.10.4/2.11.1/3.0.0 /pingpong improper authentication