CVE-2025-15572

LOW 3.3

wasm3 NewCodePage memory leak

CVSS Score

3.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment.

CWE	CWE-401 CWE-404
Vendor	n/a
Product	wasm3
Published	Feb 10, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for n/a wasm3

Be the first to know when new low vulnerabilities affecting n/a wasm3 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

n/a / wasm3

0.1 0.2 0.3 0.4 0.5.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.344934 vuldb.com: https://vuldb.com/?ctiid.344934 vuldb.com: https://vuldb.com/?submit.752765 github.com: https://github.com/wasm3/wasm3/issues/550 github.com: https://github.com/oneafter/cve-proofs/blob/main/POC-20251203-07/repro github.com: https://github.com/wasm3/wasm3/

Credits

🔍 Oneafter (VulDB User)