Abstract: WebAssembly is an emerging binary instruction set architecture and code distribution format, providing a unified compiling target for high-level programming languages. Due to its design advantages such as efficiency, security and portability, WebAssembly has already been widely used in the Web and non-Web scenarios, and it is becoming one of the most promising platform-independent language runtimes. Although WebAssembly provides a variety of advanced features to guarantee its security, existing studies have demonstrated that WebAssembly still has unique attack surfaces leading to serious security issues. These security issues pose challenges to the security of whole ecosystems based on WebAssembly. Therefore, it is critical to study the security issues of WebAssembly and their mitigations. To the best of our knowledge, we present the first study of WebAssembly security, based on 42 published research papers in this area. First, we systematically analyze and summarize key security features of WebAssembly. Second, we propose the first four-layer threat model for WebAssembly: threats from high-level programming languages, compilation toolchains, binary files, and WebAssembly virtual machines. Third, we propose a taxonomy to classify current research efforts into four categories: empirical security study, vulnerability detection and exploitation, security enhancements, and formal semantics and verifications. Finally, we point out potential challenges to be addressed in this field, as well as five future research directions to be explored.