CVE-2025-6272

A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
VulDBCNA
3.3 LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
wasm3_projectwasm3
0.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/user-attachments/files/19516600/wasm3_crash.txt
https://github.com/wasm3/wasm3/issues/531
https://vuldb.com/?ctiid.313276
https://vuldb.com/?id.313276
https://vuldb.com/?submit.593008
https://github.com/wasm3/wasm3/issues/531