Electron

Electron

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2026-34781

  • EPSS 0.01%
  • Veröffentlicht 07.04.2026 21:20:12
  • Zuletzt bearbeitet 16.04.2026 19:34:03

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that call clipboard.readImage() may be vulnerable to a denial of service. If the system ...

8.8

CVE-2026-34765

  • EPSS 0.05%
  • Veröffentlicht 07.04.2026 21:18:35
  • Zuletzt bearbeitet 20.04.2026 17:12:46

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, when a renderer calls window.open() with a target name, Electron did not correctly scope the ...

2.3

CVE-2026-34764

  • EPSS 0.02%
  • Veröffentlicht 06.04.2026 15:46:40
  • Zuletzt bearbeitet 07.04.2026 13:20:11

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscreen rendering with GPU shared textures may be vulner...

6.1

CVE-2026-34780

  • EPSS 0.04%
  • Veröffentlicht 04.04.2026 00:02:02
  • Zuletzt bearbeitet 14.04.2026 19:02:23

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 39.0.0-alpha.1 to before 39.8.0, 40.0.0-alpha.1 to before 40.7.0, and 41.0.0-alpha.1 to before 41.0.0-beta.8, apps that pass VideoFr...

7.8

CVE-2026-34779

  • EPSS 0.03%
  • Veröffentlicht 04.04.2026 00:00:41
  • Zuletzt bearbeitet 14.04.2026 18:55:03

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on macOS, app.moveToApplicationsFolder() used an AppleScript fallback path that did n...

6.5

CVE-2026-34778

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:59:07
  • Zuletzt bearbeitet 20.04.2026 14:22:54

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, a service worker running in a session could spoof reply messages on the internal IPC channel...

5.4

CVE-2026-34777

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:57:36
  • Zuletzt bearbeitet 20.04.2026 14:19:18

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, when an iframe requests fullscreen, pointerLock, keyboardLock, openExternal, or media permis...

5.3

CVE-2026-34776

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:56:42
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on macOS and Linux, apps that call app.requestSingleInstanceLock() were vulnerable to an out...

6.8

CVE-2026-34775

  • EPSS 0.03%
  • Veröffentlicht 03.04.2026 23:55:20
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.4, 40.8.4, and 41.0.0, the nodeIntegrationInWorker webPreference was not correctly scoped in all configurations. In...

8.1

CVE-2026-34774

  • EPSS 0.06%
  • Veröffentlicht 03.04.2026 23:52:38
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 39.8.1, 40.7.0, and 41.0.0, apps that use offscreen rendering and allow child windows via window.open() may be vulnerable to a u...