59 matches found
CVE-2023-49314
Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack...
CVE-2025-12843
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...
EUVD-2025-203091
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...
CVE-2025-12843
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...
CVE-2025-12843
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...
CVE-2025-12843 Code Injection in Wave Term v0.12.2 allowing TCC Bypass
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...
CVE-2025-12843
CVE-2025-12843 describes a code injection vulnerability in Wave Term (waveterm) for macOS, affecting version 0.12.2. The issue arises from Electron Fuses code injection and allows a TCC bypass, with CVSS parameters indicating local access, low attack complexity, and low privileges required. The i...
Wave Terminal 代码注入漏洞
Wave Terminal is an enterprise collaboration system from Wave Terminal open source. A code injection vulnerability exists in Wave Terminal version 0.12.2, which stems from Electron Fuses code injection and could lead to a TCC bypass...
PT-2025-50942
Name of the Vulnerable Software and Affected Versions waveterm version 0.12.2 Description Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. The issue allows for code execution by exploiting Electron Fuses. Recommendations At the moment, there is no information about a...
EUVD-2025-2655
Malicious code in bioql PyPI...
EUVD-2024-49051
Malicious code in bioql PyPI...
EUVD-2024-2893
Malicious code in bioql PyPI...
CVE-2025-51387
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...
CVE-2025-51387
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...
CVE-2025-51387
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...
PT-2025-31865 · Unknown · Gitkraken Desktop
Name of the Vulnerable Software and Affected Versions: GitKraken Desktop versions 10.8.0 and 11.1.0 Description: GitKraken Desktop is susceptible to code injection due to misconfigured Electron Fuses. Insecure settings, specifically RunAsNode being enabled and EnableNodeCliInspectArguments not...
CVE-2025-51387
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...
CVE-2025-51387
CVE-2025-51387 affects GitKraken Desktop versions 10.8.0 and 11.1.0. The root cause is misconfigured Electron Fuses: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled, allowing the application to run in Node.js mode. This configuration enables attackers to pass arguments that...
CVE-2025-22136
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.217 , Tabby enables several high-risk Electron Fuses, including RunAsNode, EnableNodeCliInspectArguments, and EnableNodeOptionsEnvironmentVariable. These fuses create potential code injection vectors even though the...
CVE-2024-23755
ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode...