Electron

Electron

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2026-34773

  • EPSS 0.03%
  • Veröffentlicht 03.04.2026 23:50:42
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on Windows, app.setAsDefaultProtocolClient(protocol) did not validate the protocol name befo...

5.8

CVE-2026-34772

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:49:20
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, apps that allow downloads and programmatically destroy sessions may be vulnerable to ...

7.5

CVE-2026-34771

  • EPSS 0.04%
  • Veröffentlicht 03.04.2026 23:47:23
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, apps that register an asynchronous session.setPermissionRequestHandler() may be vulne...

7

CVE-2026-34770

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:46:11
  • Zuletzt bearbeitet 07.04.2026 13:20:55

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps that use the powerMonitor module may be vulnerable to a use-after-free. After th...

7.8

CVE-2026-34768

  • EPSS 0.01%
  • Veröffentlicht 03.04.2026 23:44:55
  • Zuletzt bearbeitet 09.04.2026 16:10:39

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on Windows, app.setLoginItemSettings({openAtLogin: true}) wrote the executable path t...

6.5

CVE-2026-34767

  • EPSS 0.03%
  • Veröffentlicht 03.04.2026 23:43:09
  • Zuletzt bearbeitet 09.04.2026 16:16:48

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.3, 40.8.3, and 41.0.3, apps that register custom protocol handlers via protocol.handle() / protocol.registerSchemes...

5.4

CVE-2026-34766

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:35:10
  • Zuletzt bearbeitet 09.04.2026 16:23:12

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, the select-usb-device event callback did not validate the chosen device ID against th...

7.8

CVE-2026-34769

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:33:55
  • Zuletzt bearbeitet 09.04.2026 16:01:32

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be ap...

6.1

CVE-2025-55305

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 23:05:07
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions below 35.7.5, 36.0.0-alpha.1 through 36.8.0, 37.0.0-alpha.1 through 37.3.1 and 38.0.0-alpha.1 through 38.0.0-beta.6, ASAR Integrity By...

4.4

CVE-2024-46993

  • EPSS 0.03%
  • Veröffentlicht 01.07.2025 01:55:51
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions call a...