CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-27572

Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of the `wasi:http/types.fields` resource is susceptible to panics when too many fields are added to the set of headers. Wasmtime's implementation in the `wasmtime-wasi-http` crate is backed by a data structure which panics when it reaches excessive capacity and this condition was not handled gracefully in Wasmtime. Panicking in a WASI implementation is a Denial of Service vector for embedders and is treated as a security vulnerability in Wasmtime. Wasmtime 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0 patch this vulnerability and return a trap to the guest instead of panicking. There are no known workarounds at this time. Embedders are encouraged to update to a patched version of Wasmtime.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.2%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2026-27572

Bytecodealliance » Wasmtime » Version: 0.10.0

cpe:2.3:a:bytecodealliance:wasmtime:0.10.0
Bytecodealliance » Wasmtime » Version: 0.11.0

cpe:2.3:a:bytecodealliance:wasmtime:0.11.0
Bytecodealliance » Wasmtime » Version: 0.12.0

cpe:2.3:a:bytecodealliance:wasmtime:0.12.0
Bytecodealliance » Wasmtime » Version: 0.15.0

cpe:2.3:a:bytecodealliance:wasmtime:0.15.0
Bytecodealliance » Wasmtime » Version: 0.16.0

cpe:2.3:a:bytecodealliance:wasmtime:0.16.0
Bytecodealliance » Wasmtime » Version: 0.17.0

cpe:2.3:a:bytecodealliance:wasmtime:0.17.0
Bytecodealliance » Wasmtime » Version: 0.18.0

cpe:2.3:a:bytecodealliance:wasmtime:0.18.0
Bytecodealliance » Wasmtime » Version: 0.19.0

cpe:2.3:a:bytecodealliance:wasmtime:0.19.0
Bytecodealliance » Wasmtime » Version: 0.2.0

cpe:2.3:a:bytecodealliance:wasmtime:0.2.0
Bytecodealliance » Wasmtime » Version: 0.20.0

cpe:2.3:a:bytecodealliance:wasmtime:0.20.0
Bytecodealliance » Wasmtime » Version: 0.21.0

cpe:2.3:a:bytecodealliance:wasmtime:0.21.0
Bytecodealliance » Wasmtime » Version: 0.22.0

cpe:2.3:a:bytecodealliance:wasmtime:0.22.0
Bytecodealliance » Wasmtime » Version: 0.22.1

cpe:2.3:a:bytecodealliance:wasmtime:0.22.1
Bytecodealliance » Wasmtime » Version: 0.23.0

cpe:2.3:a:bytecodealliance:wasmtime:0.23.0
Bytecodealliance » Wasmtime » Version: 0.24.0

cpe:2.3:a:bytecodealliance:wasmtime:0.24.0
Bytecodealliance » Wasmtime » Version: 0.25.0

cpe:2.3:a:bytecodealliance:wasmtime:0.25.0
Bytecodealliance » Wasmtime » Version: 0.26.0

cpe:2.3:a:bytecodealliance:wasmtime:0.26.0
Bytecodealliance » Wasmtime » Version: 0.26.1

cpe:2.3:a:bytecodealliance:wasmtime:0.26.1
Bytecodealliance » Wasmtime » Version: 0.27.0

cpe:2.3:a:bytecodealliance:wasmtime:0.27.0
Bytecodealliance » Wasmtime » Version: 0.28.0

cpe:2.3:a:bytecodealliance:wasmtime:0.28.0
Bytecodealliance » Wasmtime » Version: 0.29.0

cpe:2.3:a:bytecodealliance:wasmtime:0.29.0
Bytecodealliance » Wasmtime » Version: 0.3.0

cpe:2.3:a:bytecodealliance:wasmtime:0.3.0
Bytecodealliance » Wasmtime » Version: 0.30.0

cpe:2.3:a:bytecodealliance:wasmtime:0.30.0
Bytecodealliance » Wasmtime » Version: 0.31.0

cpe:2.3:a:bytecodealliance:wasmtime:0.31.0
Bytecodealliance » Wasmtime » Version: 0.32.0

cpe:2.3:a:bytecodealliance:wasmtime:0.32.0
Bytecodealliance » Wasmtime » Version: 0.32.1

cpe:2.3:a:bytecodealliance:wasmtime:0.32.1
Bytecodealliance » Wasmtime » Version: 0.33.0

cpe:2.3:a:bytecodealliance:wasmtime:0.33.0
Bytecodealliance » Wasmtime » Version: 0.33.1

cpe:2.3:a:bytecodealliance:wasmtime:0.33.1
Bytecodealliance » Wasmtime » Version: 0.34.0

cpe:2.3:a:bytecodealliance:wasmtime:0.34.0
Bytecodealliance » Wasmtime » Version: 0.34.1

cpe:2.3:a:bytecodealliance:wasmtime:0.34.1
Bytecodealliance » Wasmtime » Version: 0.34.2

cpe:2.3:a:bytecodealliance:wasmtime:0.34.2
Bytecodealliance » Wasmtime » Version: 0.35.0

cpe:2.3:a:bytecodealliance:wasmtime:0.35.0
Bytecodealliance » Wasmtime » Version: 0.35.1

cpe:2.3:a:bytecodealliance:wasmtime:0.35.1
Bytecodealliance » Wasmtime » Version: 0.35.2

cpe:2.3:a:bytecodealliance:wasmtime:0.35.2
Bytecodealliance » Wasmtime » Version: 0.35.3

cpe:2.3:a:bytecodealliance:wasmtime:0.35.3
Bytecodealliance » Wasmtime » Version: 0.36.0

cpe:2.3:a:bytecodealliance:wasmtime:0.36.0
Bytecodealliance » Wasmtime » Version: 0.37.0

cpe:2.3:a:bytecodealliance:wasmtime:0.37.0
Bytecodealliance » Wasmtime » Version: 0.38.0

cpe:2.3:a:bytecodealliance:wasmtime:0.38.0
Bytecodealliance » Wasmtime » Version: 0.38.1

cpe:2.3:a:bytecodealliance:wasmtime:0.38.1
Bytecodealliance » Wasmtime » Version: 0.38.2

cpe:2.3:a:bytecodealliance:wasmtime:0.38.2
Bytecodealliance » Wasmtime » Version: 0.38.3

cpe:2.3:a:bytecodealliance:wasmtime:0.38.3
Bytecodealliance » Wasmtime » Version: 0.39.0

cpe:2.3:a:bytecodealliance:wasmtime:0.39.0
Bytecodealliance » Wasmtime » Version: 0.39.1

cpe:2.3:a:bytecodealliance:wasmtime:0.39.1
Bytecodealliance » Wasmtime » Version: 0.4.0

cpe:2.3:a:bytecodealliance:wasmtime:0.4.0
Bytecodealliance » Wasmtime » Version: 0.40.0

cpe:2.3:a:bytecodealliance:wasmtime:0.40.0
Bytecodealliance » Wasmtime » Version: 0.40.1

cpe:2.3:a:bytecodealliance:wasmtime:0.40.1
Bytecodealliance » Wasmtime » Version: 0.6.0

cpe:2.3:a:bytecodealliance:wasmtime:0.6.0
Bytecodealliance » Wasmtime » Version: 0.8.0

cpe:2.3:a:bytecodealliance:wasmtime:0.8.0
Bytecodealliance » Wasmtime » Version: 0.9.0

cpe:2.3:a:bytecodealliance:wasmtime:0.9.0
Bytecodealliance » Wasmtime » Version: 1.0.0

cpe:2.3:a:bytecodealliance:wasmtime:1.0.0
Bytecodealliance » Wasmtime » Version: 1.0.1

cpe:2.3:a:bytecodealliance:wasmtime:1.0.1
Bytecodealliance » Wasmtime » Version: 1.0.2

cpe:2.3:a:bytecodealliance:wasmtime:1.0.2
Bytecodealliance » Wasmtime » Version: 10.0.0

cpe:2.3:a:bytecodealliance:wasmtime:10.0.0
Bytecodealliance » Wasmtime » Version: 10.0.1

cpe:2.3:a:bytecodealliance:wasmtime:10.0.1
Bytecodealliance » Wasmtime » Version: 10.0.2

cpe:2.3:a:bytecodealliance:wasmtime:10.0.2
Bytecodealliance » Wasmtime » Version: 11.0.0

cpe:2.3:a:bytecodealliance:wasmtime:11.0.0
Bytecodealliance » Wasmtime » Version: 11.0.1

cpe:2.3:a:bytecodealliance:wasmtime:11.0.1
Bytecodealliance » Wasmtime » Version: 11.0.2

cpe:2.3:a:bytecodealliance:wasmtime:11.0.2
Bytecodealliance » Wasmtime » Version: 12.0.0

cpe:2.3:a:bytecodealliance:wasmtime:12.0.0
Bytecodealliance » Wasmtime » Version: 12.0.1

cpe:2.3:a:bytecodealliance:wasmtime:12.0.1
Bytecodealliance » Wasmtime » Version: 12.0.2

cpe:2.3:a:bytecodealliance:wasmtime:12.0.2
Bytecodealliance » Wasmtime » Version: 13.0.0

cpe:2.3:a:bytecodealliance:wasmtime:13.0.0
Bytecodealliance » Wasmtime » Version: 13.0.1

cpe:2.3:a:bytecodealliance:wasmtime:13.0.1
Bytecodealliance » Wasmtime » Version: 14.0.0

cpe:2.3:a:bytecodealliance:wasmtime:14.0.0
Bytecodealliance » Wasmtime » Version: 14.0.1

cpe:2.3:a:bytecodealliance:wasmtime:14.0.1
Bytecodealliance » Wasmtime » Version: 14.0.2

cpe:2.3:a:bytecodealliance:wasmtime:14.0.2
Bytecodealliance » Wasmtime » Version: 14.0.3

cpe:2.3:a:bytecodealliance:wasmtime:14.0.3
Bytecodealliance » Wasmtime » Version: 14.0.4

cpe:2.3:a:bytecodealliance:wasmtime:14.0.4
Bytecodealliance » Wasmtime » Version: 15.0.0

cpe:2.3:a:bytecodealliance:wasmtime:15.0.0
Bytecodealliance » Wasmtime » Version: 15.0.1

cpe:2.3:a:bytecodealliance:wasmtime:15.0.1
Bytecodealliance » Wasmtime » Version: 16.0.0

cpe:2.3:a:bytecodealliance:wasmtime:16.0.0
Bytecodealliance » Wasmtime » Version: 17.0.0

cpe:2.3:a:bytecodealliance:wasmtime:17.0.0
Bytecodealliance » Wasmtime » Version: 17.0.1

cpe:2.3:a:bytecodealliance:wasmtime:17.0.1
Bytecodealliance » Wasmtime » Version: 17.0.2

cpe:2.3:a:bytecodealliance:wasmtime:17.0.2
Bytecodealliance » Wasmtime » Version: 17.0.3

cpe:2.3:a:bytecodealliance:wasmtime:17.0.3
Bytecodealliance » Wasmtime » Version: 18.0.0

cpe:2.3:a:bytecodealliance:wasmtime:18.0.0
Bytecodealliance » Wasmtime » Version: 18.0.1

cpe:2.3:a:bytecodealliance:wasmtime:18.0.1
Bytecodealliance » Wasmtime » Version: 18.0.2

cpe:2.3:a:bytecodealliance:wasmtime:18.0.2
Bytecodealliance » Wasmtime » Version: 18.0.3

cpe:2.3:a:bytecodealliance:wasmtime:18.0.3
Bytecodealliance » Wasmtime » Version: 18.0.4

cpe:2.3:a:bytecodealliance:wasmtime:18.0.4
Bytecodealliance » Wasmtime » Version: 19.0.0

cpe:2.3:a:bytecodealliance:wasmtime:19.0.0
Bytecodealliance » Wasmtime » Version: 19.0.1

cpe:2.3:a:bytecodealliance:wasmtime:19.0.1
Bytecodealliance » Wasmtime » Version: 19.0.2

cpe:2.3:a:bytecodealliance:wasmtime:19.0.2
Bytecodealliance » Wasmtime » Version: 2.0.0

cpe:2.3:a:bytecodealliance:wasmtime:2.0.0
Bytecodealliance » Wasmtime » Version: 2.0.1

cpe:2.3:a:bytecodealliance:wasmtime:2.0.1
Bytecodealliance » Wasmtime » Version: 2.0.2

cpe:2.3:a:bytecodealliance:wasmtime:2.0.2
Bytecodealliance » Wasmtime » Version: 20.0.0

cpe:2.3:a:bytecodealliance:wasmtime:20.0.0
Bytecodealliance » Wasmtime » Version: 20.0.1

cpe:2.3:a:bytecodealliance:wasmtime:20.0.1
Bytecodealliance » Wasmtime » Version: 20.0.2

cpe:2.3:a:bytecodealliance:wasmtime:20.0.2
Bytecodealliance » Wasmtime » Version: 21.0.0

cpe:2.3:a:bytecodealliance:wasmtime:21.0.0
Bytecodealliance » Wasmtime » Version: 21.0.1

cpe:2.3:a:bytecodealliance:wasmtime:21.0.1
Bytecodealliance » Wasmtime » Version: 21.0.2

cpe:2.3:a:bytecodealliance:wasmtime:21.0.2
Bytecodealliance » Wasmtime » Version: 22.0.0

cpe:2.3:a:bytecodealliance:wasmtime:22.0.0
Bytecodealliance » Wasmtime » Version: 22.0.1

cpe:2.3:a:bytecodealliance:wasmtime:22.0.1
Bytecodealliance » Wasmtime » Version: 23.0.0

cpe:2.3:a:bytecodealliance:wasmtime:23.0.0
Bytecodealliance » Wasmtime » Version: 23.0.1

cpe:2.3:a:bytecodealliance:wasmtime:23.0.1
Bytecodealliance » Wasmtime » Version: 23.0.2

cpe:2.3:a:bytecodealliance:wasmtime:23.0.2
Bytecodealliance » Wasmtime » Version: 23.0.3

cpe:2.3:a:bytecodealliance:wasmtime:23.0.3
Bytecodealliance » Wasmtime » Version: 24.0.0

cpe:2.3:a:bytecodealliance:wasmtime:24.0.0
Bytecodealliance » Wasmtime » Version: 24.0.1

cpe:2.3:a:bytecodealliance:wasmtime:24.0.1
Bytecodealliance » Wasmtime » Version: 24.0.2

cpe:2.3:a:bytecodealliance:wasmtime:24.0.2
Bytecodealliance » Wasmtime » Version: 24.0.3

cpe:2.3:a:bytecodealliance:wasmtime:24.0.3
Bytecodealliance » Wasmtime » Version: 24.0.4

cpe:2.3:a:bytecodealliance:wasmtime:24.0.4
Bytecodealliance » Wasmtime » Version: 25.0.0

cpe:2.3:a:bytecodealliance:wasmtime:25.0.0
Bytecodealliance » Wasmtime » Version: 25.0.1

cpe:2.3:a:bytecodealliance:wasmtime:25.0.1
Bytecodealliance » Wasmtime » Version: 25.0.2

cpe:2.3:a:bytecodealliance:wasmtime:25.0.2
Bytecodealliance » Wasmtime » Version: 25.0.3

cpe:2.3:a:bytecodealliance:wasmtime:25.0.3
Bytecodealliance » Wasmtime » Version: 26.0.0

cpe:2.3:a:bytecodealliance:wasmtime:26.0.0
Bytecodealliance » Wasmtime » Version: 26.0.1

cpe:2.3:a:bytecodealliance:wasmtime:26.0.1
Bytecodealliance » Wasmtime » Version: 27.0.0

cpe:2.3:a:bytecodealliance:wasmtime:27.0.0
Bytecodealliance » Wasmtime » Version: 28.0.0

cpe:2.3:a:bytecodealliance:wasmtime:28.0.0
Bytecodealliance » Wasmtime » Version: 28.0.1

cpe:2.3:a:bytecodealliance:wasmtime:28.0.1
Bytecodealliance » Wasmtime » Version: 29.0.0

cpe:2.3:a:bytecodealliance:wasmtime:29.0.0
Bytecodealliance » Wasmtime » Version: 29.0.1

cpe:2.3:a:bytecodealliance:wasmtime:29.0.1
Bytecodealliance » Wasmtime » Version: 3.0.0

cpe:2.3:a:bytecodealliance:wasmtime:3.0.0
Bytecodealliance » Wasmtime » Version: 3.0.1

cpe:2.3:a:bytecodealliance:wasmtime:3.0.1
Bytecodealliance » Wasmtime » Version: 30.0.0

cpe:2.3:a:bytecodealliance:wasmtime:30.0.0
Bytecodealliance » Wasmtime » Version: 30.0.1

cpe:2.3:a:bytecodealliance:wasmtime:30.0.1
Bytecodealliance » Wasmtime » Version: 30.0.2

cpe:2.3:a:bytecodealliance:wasmtime:30.0.2
Bytecodealliance » Wasmtime » Version: 31.0.0

cpe:2.3:a:bytecodealliance:wasmtime:31.0.0
Bytecodealliance » Wasmtime » Version: 32.0.0

cpe:2.3:a:bytecodealliance:wasmtime:32.0.0
Bytecodealliance » Wasmtime » Version: 32.0.1

cpe:2.3:a:bytecodealliance:wasmtime:32.0.1
Bytecodealliance » Wasmtime » Version: 33.0.0

cpe:2.3:a:bytecodealliance:wasmtime:33.0.0
Bytecodealliance » Wasmtime » Version: 33.0.1

cpe:2.3:a:bytecodealliance:wasmtime:33.0.1
Bytecodealliance » Wasmtime » Version: 33.0.2

cpe:2.3:a:bytecodealliance:wasmtime:33.0.2
Bytecodealliance » Wasmtime » Version: 34.0.0

cpe:2.3:a:bytecodealliance:wasmtime:34.0.0
Bytecodealliance » Wasmtime » Version: 34.0.1

cpe:2.3:a:bytecodealliance:wasmtime:34.0.1
Bytecodealliance » Wasmtime » Version: 34.0.2

cpe:2.3:a:bytecodealliance:wasmtime:34.0.2
Bytecodealliance » Wasmtime » Version: 35.0.0

cpe:2.3:a:bytecodealliance:wasmtime:35.0.0
Bytecodealliance » Wasmtime » Version: 36.0.0

cpe:2.3:a:bytecodealliance:wasmtime:36.0.0
Bytecodealliance » Wasmtime » Version: 36.0.1

cpe:2.3:a:bytecodealliance:wasmtime:36.0.1
Bytecodealliance » Wasmtime » Version: 36.0.2

cpe:2.3:a:bytecodealliance:wasmtime:36.0.2
Bytecodealliance » Wasmtime » Version: 36.0.3

cpe:2.3:a:bytecodealliance:wasmtime:36.0.3
Bytecodealliance » Wasmtime » Version: 36.0.4

cpe:2.3:a:bytecodealliance:wasmtime:36.0.4
Bytecodealliance » Wasmtime » Version: 36.0.5

cpe:2.3:a:bytecodealliance:wasmtime:36.0.5
Bytecodealliance » Wasmtime » Version: 37.0.0

cpe:2.3:a:bytecodealliance:wasmtime:37.0.0
Bytecodealliance » Wasmtime » Version: 37.0.1

cpe:2.3:a:bytecodealliance:wasmtime:37.0.1
Bytecodealliance » Wasmtime » Version: 37.0.2

cpe:2.3:a:bytecodealliance:wasmtime:37.0.2
Bytecodealliance » Wasmtime » Version: 38.0.0

cpe:2.3:a:bytecodealliance:wasmtime:38.0.0
Bytecodealliance » Wasmtime » Version: 38.0.1

cpe:2.3:a:bytecodealliance:wasmtime:38.0.1
Bytecodealliance » Wasmtime » Version: 38.0.2

cpe:2.3:a:bytecodealliance:wasmtime:38.0.2
Bytecodealliance » Wasmtime » Version: 38.0.3

cpe:2.3:a:bytecodealliance:wasmtime:38.0.3
Bytecodealliance » Wasmtime » Version: 38.0.4

cpe:2.3:a:bytecodealliance:wasmtime:38.0.4
Bytecodealliance » Wasmtime » Version: 4.0.0

cpe:2.3:a:bytecodealliance:wasmtime:4.0.0
Bytecodealliance » Wasmtime » Version: 4.0.1

cpe:2.3:a:bytecodealliance:wasmtime:4.0.1
Bytecodealliance » Wasmtime » Version: 40.0.0

cpe:2.3:a:bytecodealliance:wasmtime:40.0.0
Bytecodealliance » Wasmtime » Version: 40.0.1

cpe:2.3:a:bytecodealliance:wasmtime:40.0.1
Bytecodealliance » Wasmtime » Version: 40.0.2

cpe:2.3:a:bytecodealliance:wasmtime:40.0.2
Bytecodealliance » Wasmtime » Version: 40.0.3

cpe:2.3:a:bytecodealliance:wasmtime:40.0.3
Bytecodealliance » Wasmtime » Version: 41.0.0

cpe:2.3:a:bytecodealliance:wasmtime:41.0.0
Bytecodealliance » Wasmtime » Version: 41.0.1

cpe:2.3:a:bytecodealliance:wasmtime:41.0.1
Bytecodealliance » Wasmtime » Version: 41.0.2

cpe:2.3:a:bytecodealliance:wasmtime:41.0.2
Bytecodealliance » Wasmtime » Version: 41.0.3

cpe:2.3:a:bytecodealliance:wasmtime:41.0.3
Bytecodealliance » Wasmtime » Version: 5.0.0

cpe:2.3:a:bytecodealliance:wasmtime:5.0.0
Bytecodealliance » Wasmtime » Version: 5.0.1

cpe:2.3:a:bytecodealliance:wasmtime:5.0.1
Bytecodealliance » Wasmtime » Version: 6.0.0

cpe:2.3:a:bytecodealliance:wasmtime:6.0.0
Bytecodealliance » Wasmtime » Version: 6.0.1

cpe:2.3:a:bytecodealliance:wasmtime:6.0.1
Bytecodealliance » Wasmtime » Version: 6.0.2

cpe:2.3:a:bytecodealliance:wasmtime:6.0.2
Bytecodealliance » Wasmtime » Version: 7.0.0

cpe:2.3:a:bytecodealliance:wasmtime:7.0.0
Bytecodealliance » Wasmtime » Version: 7.0.1

cpe:2.3:a:bytecodealliance:wasmtime:7.0.1
Bytecodealliance » Wasmtime » Version: 8.0.0

cpe:2.3:a:bytecodealliance:wasmtime:8.0.0
Bytecodealliance » Wasmtime » Version: 8.0.1

cpe:2.3:a:bytecodealliance:wasmtime:8.0.1
Bytecodealliance » Wasmtime » Version: 9.0.0

cpe:2.3:a:bytecodealliance:wasmtime:9.0.0
Bytecodealliance » Wasmtime » Version: 9.0.1

cpe:2.3:a:bytecodealliance:wasmtime:9.0.1
Bytecodealliance » Wasmtime » Version: 9.0.2

cpe:2.3:a:bytecodealliance:wasmtime:9.0.2
Bytecodealliance » Wasmtime » Version: 9.0.3

cpe:2.3:a:bytecodealliance:wasmtime:9.0.3
Bytecodealliance » Wasmtime » Version: 9.0.4

cpe:2.3:a:bytecodealliance:wasmtime:9.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-27572

Products

Pricing

Contact Us