38 matches found
CVE-2023-29198
CVE-2023-29198 affects Electron apps that use contextIsolation with contextBridge. The vulnerability is a context isolation bypass that occurs when a main-world exposed API returns an unserializable object (e.g., a canvas rendering context), allowing access from the renderer to the isolated Elect...
CVE-2022-29247
CVE-2022-29247 — Electron IPC leakage via nodeIntegrationInSubFrames. The issue affects Electron versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5. A renderer with JS execution can gain access to a new renderer process when nodeIntegrationInSubFrames is enabled, which can expose access...
CVE-2023-39956
CVE-2023-39956 affects Electron: out-of-package code execution when an Electron app is launched as a command-line executable with an attacker-controlled working directory and the ability to write files there. Impact is described as low risk by threat-models, but higher due to bypassing protection...
CVE-2023-23623
The CVE-2023-23623 issue is in Electron where a Content-Security-Policy that disables eval (script-src without unsafe-eval) is not respected in renderers with sandbox: false. Affected are Electron 22 and 23 series; the vulnerability can allow unintended use of eval() or new Function, expanding th...
CVE-2022-21718
CVE-2022-21718 affects Electron. Affected versions (< 17.0.0-alpha.6, < 16.0.6, < 15.3.5, < 14.2.4,
CVE-2022-29257
Summary: CVE-2022-29257 affects Electron up to version 18.0.0-beta.6 (and older 17.2.0, 16.2.6, 15.5.5). If an attacker controls a victim app’s update server/storage, they can serve update packages that pass code signing validation but run malicious code in some components. The vulnerability aris...
CVE-2020-15174
CVE-2020-15174 affects Electron: the will-navigate event can be bypassed when a sub-frame performs a top-frame navigation across sites in several pre-11 releases (8.5.1, 9.3.0, 10.0.1, 11.0.0-beta.1). Affected versions vs patched versions are explicitly listed; remediation is to upgrade to the pa...
CVE-2018-1000136
CVE-2018-1000136 concerns the Electron framework where Webviews mishandle values, enabling potential remote code execution. Affected are Electron versions: 1.7.x up to 1.7.12, 1.8.x up to 1.8.3, and 2.0.0 up to 2.0.0-beta.3. The issue appears when an application allows execution of third‑party co...
CVE-2018-15685
GitHub Electron versions 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6 are affected by a WebPreferences vulnerability when using IFRAME with nativeWindowOpen: true or sandbox: true, enabling remote code execution. The issue arises in Electron’s WebPreferences handling and can be triggered in nested wind...
CVE-2022-36077
The CVE-2022-36077 vulnerability affects the Electron framework in versions prior to 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, where following redirects to file:// URLs can trigger Windows NTLM credential leakage via SMB targets. The issue is triggered when Electron delays a redirect check betw...
CVE-2020-4076
CVE-2020-4076 in Electron: context isolation bypass allows code in the main world of the renderer to reach into the isolated Electron context and perform privileged actions when contextIsolation is enabled. Affected versions are Electron before 7.2.4, 8.2.4, and 9.0.0-beta21. The vulnerability is...
CVE-2020-15096
CVE-2020-15096 affects Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21. A context isolation bypass allows code running in the renderer’s main world context to reach into the isolated Electron context and perform privileged actions. The issue impacts apps that enable contextIsolatio...
CVE-2018-1000118
Technical details for CVE-2018-1000118 are not publicly available in the provided documents. Monitor for updates.
CVE-2020-15215
CVE-2020-15215 affects Electron before 11.0.0-beta.6, 10.1.2, 9.3.1, or 8.5.2. It is a context isolation bypass whereby code running in the main world context in a renderer can access the isolated Electron context when apps use both contextIsolation and sandbox: true, or contextIsolation and node...
CVE-2021-39184
Electron vulnerability CVE-2021-39184 affects sandboxed renderers extracting thumbnails of arbitrary files via the createThumbnailFromPath API. Older Electron versions (before 11.5.0, 12.1.0, and 13.3.0) are impacted; fixes are provided in 11.5.0+, 12.1.0+, and 13.3.0+. All documented workarounds...
CVE-2023-44402
CVE-2023-44402 concerns Electron where ASAR integrity checks can be bypassed when embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses are enabled on macOS. The issue requires an attacker with write access to the app’s filesystem (e.g., the .app bundle) to exploit, potentially allowing l...
CVE-2017-16151
CVE-2017-16151 describes a remote code execution vulnerability in Google Chromium that affects Electron apps. The issue, affecting all recent Electron versions when loading remote content, can be triggered regardless of the sandbox option being enabled. The exposed component is Electron’s integra...
CVE-2020-26272
CVE-2020-26272 (Electron IPC frame routing): In Electron, IPC messages sent from the main process to a subframe in the renderer process (via webContents.sendToFrame, or in handlers using event.reply or the remote module) can be delivered to the wrong frame in versions before fixed releases. Aff...
CVE-2020-4077
In Electron, a context isolation bypass affects versions prior to 7.2.4, 8.2.4, and 9.0.0-beta21 where code in the main world of a renderer can access the isolated Electron context when both contextIsolation and contextBridge are used. The issue is fixed in 7.2.4, 8.2.4, and 9.0.0-beta.21. Mitiga...
CVE-2020-4075
Summary: CVE-2020-4075 affects Electron before 7.2.4, 8.2.4, and 9.0.0-beta21, allowing arbitrary local file read by defining unsafe window options on a child window opened with window.open. Root cause: unsafe window options on child windows. Impact: local file read via manipulated window options...
CVE-2026-34764
The CVE-2026-34764 issue affects Electron apps that use offscreen rendering with GPU shared textures (webPreferences.offscreen: { useSharedTexture: true }). The root cause is a use-after-free where the release() callback for a paint-event texture can outlive its backing native state, causing a de...
CVE-2026-34769
CVE-2026-34769 (Electron) affects Electron versions prior to 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8. An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. When apps construct webPreferences from external or untrusted i...
CVE-2026-34768
CVE-2026-34768 affects Electron on Windows prior to 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8. The flaw: app.setLoginItemSettings({openAtLogin: true}) writes the executable path to the Run registry key without quotes. If the installation path contains spaces and an attacker can write to a directo...
CVE-2026-34772
CVE-2026-34772 – Electron Use-After-Free in download save dialog callback. The issue affects Electron applications that allow downloads and programmatically destroy sessions. If the session is torn down while a native save-file dialog for a download is open, dismissing the dialog may dereference...
CVE-2026-34766
CVE-2026-34766 affects Electron; the select-usb-device event callback did not validate the chosen device ID against the filtered device list presented to the handler. This could allow an app to select a device ID outside the renderer’s requested filters or exclusionFilters, potentially granting a...
CVE-2026-34780
Electron context isolation bypass via contextBridge VideoFrame transfer affects versions 39.0.0-alpha.1–39.7.x, 40.0.0-alpha.1–40.6.x, and 41.0.0-alpha.1–41.0.0-beta.7 (inclusive) where passing VideoFrame objects across the contextBridge can let a main-world attacker access the isolated world and...
CVE-2026-34767
CVE-2026-34767 affects Electron before 38.8.6, 39.8.3, 40.8.3, and 41.0.3. It describes HTTP response header injection when apps register custom protocol handlers (protocol.handle / protocol.registerSchemesAsPrivileged) or modify headers via webRequest.onHeadersReceived if attacker-controlled inp...
CVE-2026-34778
Electron: Service worker spoof IPC replies flaw allows a session service worker to spoof internal IPC replies used by webContents.executeJavaScript, causing the main-process promise to resolve with attacker-controlled data. Affected only if service workers are registered and the result of execute...
CVE-2026-34771
CVE-2026-34771 concerns Electron: use-after-free in WebContents when an asynchronous permission request handler is registered and a frame navigates or a window closes while a permission callback is pending for fullscreen, pointer-lock, or keyboard-lock requests. The issue affects apps that regist...
CVE-2026-34781
CVE-2026-34781 affects Electron before versions 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5. Affected code path involves clipboard.readImage() when the system clipboard contains image data that cannot be decoded. In such cases a null bitmap is passed to image construction, leading to a controlled ...
CVE-2026-34777
CVE-2026-34777 affects Electron: prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, the origin passed to session.setPermissionRequestHandler() for iframe-permission requests (fullscreen, pointerLock, keyboardLock, openExternal, or media) was the top‑level page origin instead of the requesting ...
CVE-2026-34779
CVE-2026-34779 affects Electron on macOS prior to patches 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8. The vulnerability arises in the AppleScript fallback path used by app.moveToApplicationsFolder(), which failed to properly handle certain characters in the application bundle path. Under specific ...
CVE-2026-34770
CVE-2026-34770 concerns Electron apps using the powerMonitor module. The issue is a use-after-free: after the native PowerMonitor object is garbage-collected, OS-level resources (a Windows message window; a macOS shutdown handler) may still reference freed memory. A subsequent session-change even...
CVE-2026-34775
Electron: nodeIntegrationInWorker was not correctly scoped in shared renderer processes. Affected versions prior to 38.8.6, 39.8.4, 40.8.4, and 41.0.0 may allow workers in frames with nodeIntegrationInWorker: false to gain Node.js integration in certain process-sharing scenarios. This could enabl...
CVE-2026-34776
Electron suffers an out-of-bounds heap read on macOS/Linux when an app calls app.requestSingleInstanceLock() and processes a crafted second-instance message. The vulnerability allows leaking memory contents to the second-instance handler and is limited to processes running under the same user as ...
CVE-2026-34774
Electron is affected when apps use offscreen rendering (webPreferences.offscreen: true) and allow child windows via window.open(). In such cases, if the parent offscreen WebContents is destroyed while a child window remains open, subsequent paint frames on the child can dereference freed memory, ...
CVE-2026-34773
CVE-2026-34773 (Electron, Windows): The issue arises when calling app.setAsDefaultProtocolClient() with a protocol name derived from external input; the protocol name is written to HKCU\Software\Classes\ without proper validation, risking hijack of existing protocol handlers. Affected Electron ve...
CVE-2026-34765
CVE-2026-34765: Electron prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5 has a window.open() targeting flaw where the named-window lookup is not scoped to the opener’s browsing context group. A renderer could navigate a child window opened by a different renderer if both share the same targe...