A heap buffer overflow vulnerability exists in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote malicious user to cause at least a denial of service via the "wasm_loader_check_br" function in core/iwasm/interpreter/wasm_loader.c.