CVE-2025-54871
CVE-2025-54871 affects Electron Capture (elecap) on macOS. Versions 2.19.1 and earlier expose a TCC bypass: enabling the ELECTRON_RUN_AS_NODE environment variable allows arbitrary Node.js code to run via the -e flag inside the main Electron context, inheriting existing TCC entitlements (e.g., acc...