FIND-20260411-003 · 2026-04-11 · Innovation Veille

Wasmtime: 12 new RustSec advisories (RUSTSEC-2026-0085 through 0086+) — sandbox escape risks

cve MEDIUM
On April 9, 2026, the RustSec advisory database received 12 new Wasmtime security advisories (RUSTSEC-2026-0085 and related). These include sandbox escape vulnerabilities, heap out-of-bounds reads in component string transcoding, host-side panics, and denial-of-service conditions. Wasmtime is the primary WebAssembly runtime for Rust. ODS does not currently use Wasmtime directly, but it may appear as a transitive dependency in some crates.

Source

https://rustsec.org/packages/wasmtime.html

ODS Impact

Low direct impact — ODS Rust services do not use Wasmtime as a direct dependency. However, any future serverless/plugin execution subsystem that might use WASM should track these advisories. Run `cargo tree | grep wasmtime` to verify absence.
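An added example (not ODS or Wasmtime project code) of the same absence check run against `Cargo.lock` rather than `cargo tree` output: the lockfile lists every package the resolver locked, including ones for other targets and optional features, while `cargo tree` defaults to the host platform and the enabled features. The `plugin-host` crate and all version strings in the sample are constructed.

```shell
# Added example: find the wasmtime crate family in a Cargo.lock.
# Print "name version" for each locked package named wasmtime or wasmtime-*.
wasmtime_packages() {
  awk '/^name = /    { n = $3; gsub(/"/, "", n) }
       /^version = / { v = $3; gsub(/"/, "", v)
                       if (n == "wasmtime" || n ~ /^wasmtime-/) print n, v }' "$1"
}

# Print "parent -> dep" for packages outside the family that pull it in.
wasmtime_dependents() {
  awk '/^name = /           { n = $3; gsub(/"/, "", n) }
       /^dependencies = \[/ { d = 1; next }
       /^\]/                { d = 0 }
       d { dep = $1; gsub(/[",]/, "", dep)
           if ((dep == "wasmtime" || dep ~ /^wasmtime-/) &&
               n != "wasmtime" && n !~ /^wasmtime-/) print n " -> " dep }' "$1"
}

# CI gate: return 1 (and explain on stderr) if the family is locked anywhere.
check_no_wasmtime() {
  found=$(wasmtime_packages "$1")
  [ -z "$found" ] && return 0
  { echo "wasmtime in $1:"; echo "$found"; wasmtime_dependents "$1"; } >&2
  return 1
}

# Constructed sample lockfile; "plugin-host" and all versions are made up.
write_sample_lock() {
  cat > "$1" <<'EOF'
[[package]]
name = "plugin-host"
version = "0.0.0-example"
dependencies = [
 "wasmtime",
]

[[package]]
name = "wasmtime"
version = "0.0.0-example"

[[package]]
name = "wasmtime-environ"
version = "0.0.0-example"
EOF
}
lock=$(mktemp)
write_sample_lock "$lock"
check_no_wasmtime "$lock" || echo "gate failed as expected on the sample"
rm -f "$lock"
```

The dependents list names the crate to review or replace when the gate fails on a transitive pull.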

Security Review

License: Apache-2.0 | Maintenance: ACTIVE | Risk: LOW | Recommendation: USE_WITH_CAUTION

Tags

rust wasmtime wasm cve security sandbox