4 matches found
CVE-2026-34764 Electron has a use-after-free in offscreen shared texture release() callback
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain...
CVE-2026-34764
The CVE-2026-34764 issue affects Electron apps that use offscreen rendering with GPU shared textures (webPreferences.offscreen: { useSharedTexture: true }). The root cause is a use-after-free where the release() callback for a paint-event texture can outlive its backing native state, causing a de...
CVE-2026-34764 Electron has a use-after-free in offscreen shared texture release() callback
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain...
Electron: Use-after-free in offscreen shared texture release() callback
Impact Apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain conditions, the release callback provided on a paint event texture can outlive its backing native state, and invoking it after that point dereferences freed memory in the main...