CVE-2026-34770

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is...

CVE-2026-34770

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is...

CVE-2026-34770

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is...

CVE-2026-34770 Electron: Use-after-free in PowerMonitor on Windows and macOS

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is...

GHSA-JJP3-MQ3X-295M Electron: Use-after-free in PowerMonitor on Windows and macOS

Impact Apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is garbage-collected, the associated OS-level resources a message window on Windows, a shutdown handler on macOS retain dangling references. A subsequent session-change event...

Use After Free

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free in the powerMonitor function. An attacker can cause memory corruption or application crashes by triggering...

Use After Free

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free in the powerMonitor function. An attacker can cause memory corruption or application crashes...

PT-2026-30000

Impact Apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is garbage-collected, the associated OS-level resources a message window on Windows, a shutdown handler on macOS retain dangling references. A subsequent session-change event...

EUVD-2024-50813

Malicious code in bioql PyPI...

EUVD-2024-50812

Malicious code in bioql PyPI...

EUVD-2024-50811

Malicious code in bioql PyPI...

Rockwell Automation Power Monitor 1000 Device Takeover Vulnerability

Rockwell Automation Power Monitor 1000 is a power monitor from Rockwell Automation. A security vulnerability exists in Rockwell Automation Power Monitor 1000 versions prior to 4.020, which can be exploited by an attacker to configure a new policyholder user without any authentication through the...

CVE-2024-12372

A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a...

CVE-2024-12373

A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service...

CVE-2024-12371

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and...

CVE-2024-12373 Rockwell Automation PowerMonitor™ 1000 Denial of Service

A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service...

CVE-2024-12372 Rockwell Automation PowerMonitor™ 1000 Denial of Service

A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a...

CVE-2024-12371 Rockwell Automation PowerMonitor™ 1000 Remote Code Execution

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and...

CVE-2024-12371 Rockwell Automation PowerMonitor™ 1000 Remote Code Execution

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and...

Rockwell Automation Power Monitor 1000 安全漏洞

Rockwell Automation Power Monitor 1000 is a power monitor from Rockwell Automation, Inc. A security vulnerability exists in the Rockwell Automation Power Monitor 1000 prior to version 4.020 that stems from the presence of a denial of service and remote code execution vulnerability that could lead...