Medium severity5.3NVD Advisory· Published Dec 19, 2025· Updated Apr 29, 2026
CVE-2025-14956
CVE-2025-14956
Description
A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. It is recommended to apply a patch to fix this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:webassembly:binaryen:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:webassembly:binaryen:*:*:*:*:*:*:*:*range: <=125
- (no CPE)range: <=125
Patches
Vulnerability mechanics
References
7- github.com/WebAssembly/binaryen/commit/4f52bff8c4075b5630422f902dd92a0af2c9f398nvdPatch
- github.com/WebAssembly/binaryen/issues/8089nvdExploitIssue TrackingThird Party Advisory
- vuldb.comnvdExploitThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- github.com/WebAssembly/binaryen/pull/8092nvdIssue Tracking
- github.com/oneafter/1204/blob/main/hbfnvdNot Applicable
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.