Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2026/04/04 12:16 a.m.3 views

CVE-2026-34774

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 39.8.1, 40.7.0, and 41.0.0, apps that use offscreen rendering and allow child windows via window.open may be vulnerable to a use-after-free. If the parent offscreen WebContent...

8.1CVSS0.00341EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/03 11:57 p.m.17 views

CVE-2026-34777 Electron: Incorrect origin passed to permission request handler for iframe requests

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, when an iframe requests fullscreen, pointerLock, keyboardLock, openExternal, or media permissions, the origin passed to...

5.4CVSS0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/03 11:44 p.m.4 views

CVE-2026-34768

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on Windows, app.setLoginItemSettingsopenAtLogin: true wrote the executable path to the Run registry key without quoting. If the app ...

3.9CVSS5.8AI score0.0013EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder