Electronjs

Electron

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2026-34781

  • EPSS 0.01%
  • Veröffentlicht 07.04.2026 21:20:12
  • Zuletzt bearbeitet 16.04.2026 19:34:03

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that call clipboard.readImage() may be vulnerable to a denial of service. If the system ...

8.8

CVE-2026-34765

  • EPSS 0.05%
  • Veröffentlicht 07.04.2026 21:18:35
  • Zuletzt bearbeitet 20.04.2026 17:12:46

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, when a renderer calls window.open() with a target name, Electron did not correctly scope the ...

6.1

CVE-2026-34780

  • EPSS 0.04%
  • Veröffentlicht 04.04.2026 00:02:02
  • Zuletzt bearbeitet 14.04.2026 19:02:23

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 39.0.0-alpha.1 to before 39.8.0, 40.0.0-alpha.1 to before 40.7.0, and 41.0.0-alpha.1 to before 41.0.0-beta.8, apps that pass VideoFr...

7.8

CVE-2026-34779

  • EPSS 0.03%
  • Veröffentlicht 04.04.2026 00:00:41
  • Zuletzt bearbeitet 14.04.2026 18:55:03

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on macOS, app.moveToApplicationsFolder() used an AppleScript fallback path that did n...

6.5

CVE-2026-34778

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:59:07
  • Zuletzt bearbeitet 20.04.2026 14:22:54

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, a service worker running in a session could spoof reply messages on the internal IPC channel...

5.4

CVE-2026-34777

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:57:36
  • Zuletzt bearbeitet 20.04.2026 14:19:18

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, when an iframe requests fullscreen, pointerLock, keyboardLock, openExternal, or media permis...

7.8

CVE-2026-34768

  • EPSS 0.01%
  • Veröffentlicht 03.04.2026 23:44:55
  • Zuletzt bearbeitet 09.04.2026 16:10:39

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on Windows, app.setLoginItemSettings({openAtLogin: true}) wrote the executable path t...

6.5

CVE-2026-34767

  • EPSS 0.03%
  • Veröffentlicht 03.04.2026 23:43:09
  • Zuletzt bearbeitet 09.04.2026 16:16:48

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.3, 40.8.3, and 41.0.3, apps that register custom protocol handlers via protocol.handle() / protocol.registerSchemes...

5.4

CVE-2026-34766

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:35:10
  • Zuletzt bearbeitet 09.04.2026 16:23:12

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, the select-usb-device event callback did not validate the chosen device ID against th...

7.8

CVE-2026-34769

  • EPSS 0.02%
  • Veröffentlicht 03.04.2026 23:33:55
  • Zuletzt bearbeitet 09.04.2026 16:01:32

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be ap...