CVE-2026-34764

A flaw was found in Electron, a framework for building desktop applications. This vulnerability, a use-after-free, affects applications that utilize offscreen rendering with GPU shared textures. Under specific conditions, a callback function can attempt to access memory that has already been...

CVE-2026-34764

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain...

EUVD-2026-19352

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain...

GHSA-8X5Q-PVF5-64MP Electron: Use-after-free in offscreen shared texture release() callback

Impact Apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain conditions, the release callback provided on a paint event texture can outlive its backing native state, and invoking it after that point dereferences freed memory in the main...

Use After Free

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free in the release callback of the paint event, when offscreen rendering with GPU shared textures is enabled. An...

PT-2026-30277

Name of the Vulnerable Software and Affected Versions Electron versions 33.0.0-alpha.1 through 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5 Description Electron applications utilizing offscreen rendering with GPU shared textures may experience a use-after-free condition. Specifically, the release...