22 matches found
CVE-2023-29198
CVE-2023-29198 affects Electron apps that use contextIsolation with contextBridge. The vulnerability is a context isolation bypass that occurs when a main-world exposed API returns an unserializable object (e.g., a canvas rendering context), allowing access from the renderer to the isolated Elect...
CVE-2022-29247
CVE-2022-29247 — Electron IPC leakage via nodeIntegrationInSubFrames . The issue affects Electron versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5. A renderer with JS execution can gain access to a new renderer process when nodeIntegrationInSubFrames is enabled, which can expose access...
CVE-2023-39956
CVE-2023-39956 affects Electron: out-of-package code execution when an Electron app is launched as a command-line executable with an attacker-controlled working directory and the ability to write files there. Impact is described as low risk by threat-models, but higher due to bypassing protection...
CVE-2022-21718
CVE-2022-21718 affects Electron. Affected versions (< 17.0.0-alpha.6, < 16.0.6, < 15.3.5, < 14.2.4,
CVE-2022-29257
Summary: CVE-2022-29257 affects Electron up to version 18.0.0-beta.6 (and older 17.2.0, 16.2.6, 15.5.5). If an attacker controls a victim app’s update server/storage, they can serve update packages that pass code signing validation but run malicious code in some components. The vulnerability aris...
CVE-2022-36077
The CVE-2022-36077 vulnerability affects the Electron framework in versions prior to 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, where following redirects to file:// URLs can trigger Windows NTLM credential leakage via SMB targets. The issue is triggered when Electron delays a redirect check betw...
CVE-2020-15096
CVE-2020-15096 affects Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21. A context isolation bypass allows code running in the renderer’s main world context to reach into the isolated Electron context and perform privileged actions. The issue impacts apps that enable contextIsolatio...
CVE-2017-16151
CVE-2017-16151 describes a remote code execution vulnerability in Google Chromium that affects Electron apps. The issue, affecting all recent Electron versions when loading remote content, can be triggered regardless of the sandbox option being enabled. The exposed component is Electron’s integra...
CVE-2026-34769
CVE-2026-34769 (Electron) affects Electron versions prior to 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8. An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. When apps construct webPreferences from external or untrusted i...
CVE-2026-34768
CVE-2026-34768 affects Electron on Windows prior to 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8. The flaw: app.setLoginItemSettings({openAtLogin: true}) writes the executable path to the Run registry key without quotes. If the installation path contains spaces and an attacker can write to a directo...
CVE-2026-34766
CVE-2026-34766 affects Electron; the select-usb-device event callback did not validate the chosen device ID against the filtered device list presented to the handler. This could allow an app to select a device ID outside the renderer’s requested filters or exclusionFilters, potentially granting a...
CVE-2026-34772
CVE-2026-34772 – Electron Use-After-Free in download save dialog callback . The issue affects Electron applications that allow downloads and programmatically destroy sessions. If the session is torn down while a native save-file dialog for a download is open, dismissing the dialog may dereference...
CVE-2026-34767
CVE-2026-34767 affects Electron before 38.8.6, 39.8.3, 40.8.3, and 41.0.3. It describes HTTP response header injection when apps register custom protocol handlers (protocol.handle / protocol.registerSchemesAsPrivileged) or modify headers via webRequest.onHeadersReceived if attacker-controlled inp...
CVE-2026-34778
Electron: Service worker spoof IPC replies flaw allows a session service worker to spoof internal IPC replies used by webContents.executeJavaScript, causing the main-process promise to resolve with attacker-controlled data. Affected only if service workers are registered and the result of execute...
CVE-2026-34771
CVE-2026-34771 concerns Electron: use-after-free in WebContents when an asynchronous permission request handler is registered and a frame navigates or a window closes while a permission callback is pending for fullscreen, pointer-lock, or keyboard-lock requests. The issue affects apps that regist...
CVE-2026-34777
CVE-2026-34777 affects Electron: prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, the origin passed to session.setPermissionRequestHandler() for iframe-permission requests (fullscreen, pointerLock, keyboardLock, openExternal, or media) was the top‑level page origin instead of the requesting ...
CVE-2026-34779
CVE-2026-34779 affects Electron on macOS prior to patches 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8. The vulnerability arises in the AppleScript fallback path used by app.moveToApplicationsFolder(), which failed to properly handle certain characters in the application bundle path. Under specific ...
CVE-2026-34770
CVE-2026-34770 concerns Electron apps using the powerMonitor module. The issue is a use-after-free: after the native PowerMonitor object is garbage-collected, OS-level resources (a Windows message window; a macOS shutdown handler) may still reference freed memory. A subsequent session-change even...
CVE-2026-34774
Electron is affected when apps use offscreen rendering (webPreferences.offscreen: true) and allow child windows via window.open(). In such cases, if the parent offscreen WebContents is destroyed while a child window remains open, subsequent paint frames on the child can dereference freed memory, ...
CVE-2026-34775
Electron: nodeIntegrationInWorker was not correctly scoped in shared renderer processes. Affected versions prior to 38.8.6, 39.8.4, 40.8.4, and 41.0.0 may allow workers in frames with nodeIntegrationInWorker: false to gain Node.js integration in certain process-sharing scenarios. This could enabl...
CVE-2026-34776
Electron suffers an out-of-bounds heap read on macOS/Linux when an app calls app.requestSingleInstanceLock() and processes a crafted second-instance message. The vulnerability allows leaking memory contents to the second-instance handler and is limited to processes running under the same user as ...
CVE-2026-34773
CVE-2026-34773 (Electron, Windows): The issue arises when calling app.setAsDefaultProtocolClient() with a protocol name derived from external input; the protocol name is written to HKCU\Software\Classes\ without proper validation, risking hijack of existing protocol handlers. Affected Electron ve...