OSV-2026-150

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wamr/OSV-2026-150.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-150
Published
2026-01-27T00:02:06.850780Z
Modified
2026-01-27T00:02:06.851098Z
Summary
Null-dereference READ in wasm_runtime_invoke_native
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478557340

Crash type: Null-dereference READ
Crash state:
wasm_runtime_invoke_native
wasm_interp_call_wasm
wasm_call_function
References

Affected packages

OSS-Fuzz / wamr

Package

Name
wamr
Purl
pkg:generic/wamr

Affected ranges

Type
GIT
Repo
https://github.com/bytecodealliance/wasm-micro-runtime
Events
Introduced
9a23968fdacc0df4ec7066bc19a412f8b7a8bd69
Fixed
9d1dc3e4d26fb50657bc5161d4aa5e2d06f7657d

Ecosystem specific 

{
    "severity": null
}

Database specific

fixed_range 
"d9091cca0181b19248d6c86ab1824d58536fe75d:9d1dc3e4d26fb50657bc5161d4aa5e2d06f7657d"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wamr/OSV-2026-150.yaml"