CVE-2026-34781

CVE-2026-34781 affects Electron before versions 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5. Affected code path involves clipboard.readImage() when the system clipboard contains image data that cannot be decoded. In such cases a null bitmap is passed to image construction, leading to a controlled ...

CVE-2026-34781 Electron crashes in clipboard.readImage() on malformed clipboard image data

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that call clipboard.readImage may be vulnerable to a denial of service. If the system clipboard contains image data that fails to decod...

CVE-2026-34781 Electron crashes in clipboard.readImage() on malformed clipboard image data

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that call clipboard.readImage may be vulnerable to a denial of service. If the system clipboard contains image data that fails to decod...

GHSA-F37V-82C4-4X64 Electron: Crash in clipboard.readImage() on malformed clipboard image data

Impact Apps that call clipboard.readImage may be vulnerable to a denial of service. If the system clipboard contains image data that fails to decode, the resulting null bitmap is passed unchecked to image construction, triggering a controlled abort and crashing the process. Apps are only affected...

NULL Pointer Dereference

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to NULL Pointer Dereference in the clipboard.readImage function when processing malformed clipboard image data...

NULL Pointer Dereference

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to NULL Pointer Dereference in the clipboard.readImage function when processing malformed clipboard image data. An attacker ca...

EUVD-2026-19950

Electron: Crash in clipboard.readImage on malformed clipboard image data...

CVE-2008-3639

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

GTK2 GDKPixBufLoader - Remote Denial of Service

source: https://www.securityfocus.com/bid/22209/info Applications using the gtk2 library may be prone to a denial-of-service vulnerability because the library fails to handle malformed image data. An attacker can exploit this issue to crash applications on a victim's computer...

DEBIAN-CVE-2006-2906

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw GD library aka libgd 2.0.33 allows remote attackers to cause a denial of service CPU consumption via malformed GIF data that causes an infinite loop...

Tony Cook Imager 0.4x - '.JPEG' / '.TGA' Images Denial of Service

source: https://www.securityfocus.com/bid/17415/info The Perl Imager module is susceptible to a denial-of-service vulnerability. This issue is due to a failure of the software to properly handle unexpected image data. Malformed image files may cause a crash in applications that use the affected...