CVE-2026-8257
Heap-based Buffer Overflow in Binaryen
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| webassembly | binaryen | to 117 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the WebAssembly Binaryen tool, specifically in the function IRBuilder::makeBrOn within the BrOn Parser component. It causes an assertion failure when the code processes malformed WebAssembly input where certain fields (`ref` and `desc`) are not valid reference types but instead are of type `i32`. This leads to an unexpected assertion error during the parsing process.
The issue arises because the code expects these fields to be valid reference types or unreachable, but when they are not, the assertion triggers, causing the tool to fail. The vulnerability requires local access to exploit and can cause crashes or unexpected behavior in the Binaryen toolchain.
A patch was created to add validation checks to ensure these fields are valid before proceeding, preventing the assertion failure.
How can this vulnerability impact me? :
This vulnerability can cause the WebAssembly Binaryen tool to crash or behave unexpectedly when processing malformed input. Since the assertion failure occurs locally, an attacker with local access could trigger this condition to disrupt the tool's operation.
The impact is limited to denial of service or instability of the Binaryen toolchain during WebAssembly code compilation or optimization, potentially affecting development or build processes that rely on this tool.
The CVSS scores indicate a low severity, reflecting that the vulnerability requires local access and does not lead to code execution or data compromise.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability manifests as an assertion failure in the WebAssembly Binaryen toolchain when processing malformed WebAssembly input, specifically in the BrOn parsing functionality.
To detect this issue, you can attempt to reproduce the assertion failure by running the `wasm-ctor-eval` tool on malformed or crafted WebAssembly input files similar to the provided proof-of-concept (PoC) file named `poc`.
A suggested command to detect the vulnerability is:
- `wasm-ctor-eval poc`
If the tool crashes or triggers an assertion failure related to `wasm::Type::getHeapType()` or the BrOn parser, the vulnerability is present.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to apply the official patch that addresses this vulnerability.
Specifically, update your WebAssembly Binaryen installation to include the fix introduced in commit `1251efbc1ea471c1311d2726b2bbe061ff2a291c`, which adds validation checks in the BrOn parsing logic to prevent assertion failures.
Until the patch is applied, avoid processing untrusted or malformed WebAssembly input files locally, as the attack requires local access.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
There is no information provided in the available context or resources about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.