CVE-2026-34765

A flaw was found in Electron, a framework for building desktop applications. This vulnerability allows a malicious component within an Electron application to hijack an existing child window opened by another part of the application if both use the same window name. This could lead to the malicio...

Electron: Named window.open targets not scoped to the opener's browsing context

Impact When a renderer calls window.open with a target name, Electron did not correctly scope the named-window lookup to the opener's browsing context group. A renderer could navigate an existing child window that was opened by a different, unrelated renderer if both used the same target name. If...

PT-2026-30918

Name of the Vulnerable Software and Affected Versions Electron versions prior to 39.8.5 Electron versions prior to 40.8.5 Electron versions prior to 41.1.0 Electron versions prior to 42.0.0-alpha.5 Description Electron did not correctly scope the named-window lookup to the opener's browsing conte...

EUVD-2000-0945

Malware in sbrugna...