This is worse, the runtime overhead will always persist. It's nature is to be secure, not fast. It can be faster than JS in instances where you're doing heavy lifting of memory/algorithms. But that is limited to languages like C/Rust that are compiled directly without need for a runtime.
There's no such thing as "not secure" for web-based languages. If the language is not secure, it's simply a non-starter. You cannot bolt on security to the web. You simply cannot build with "fast" as a primary motivation.
It's a spectrum. JIT is inherently insecure, but is "secure enough" given other guards. We use it because it's fast, at the added risk.
We can infact make things provably safe within certain contexts. But we don't, because it's hard, and it can never perform as well.
Wasms safety is dependent upon the runtime implementation, not the language.
"Fast" is a motivation in web. If it renders slow, it loses money. We have 20 years of hacky methods to make JavaScript fast. These lead to security flaws.
