Vulnerabilidades em electron
39 resultadosCVE-2025-55305MEDIUMElectron is vulnerable to Code Injection via resource modificationEPSS 0.3%CVE-2026-54257CRITICALElectron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflowEPSS 0.3%CVE-2026-34780HIGHElectron: Context Isolation bypass via contextBridge VideoFrame transferEPSS 0.2%CVE-2026-34770HIGHElectron: Use-after-free in PowerMonitor on Windows and macOSEPSS 0.2%CVE-2026-34773MEDIUMElectron: Registry key path injection in app.setAsDefaultProtocolClient on WindowsEPSS 0.2%CVE-2026-34769HIGHElectron: Renderer command-line switch injection via undocumented commandLineSwitches webPreferenceEPSS 0.2%CVE-2026-34776MEDIUMElectron: Out-of-bounds read in second-instance IPC on macOS and LinuxEPSS 0.2%CVE-2026-34767MEDIUMElectron: HTTP Response Header Injection in custom protocol handlers and webRequestEPSS 0.2%CVE-2026-34772MEDIUMElectron: Use-after-free in download save dialog callbackEPSS 0.2%CVE-2023-44402MEDIUMASAR Integrity bypass via filetype confusion in electronEPSS 0.2%CVE-2026-34766LOWElectron: USB device selection not validated against filtered device listEPSS 0.2%CVE-2026-34779MEDIUMElectron: AppleScript injection in app.moveToApplicationsFolder on macOSEPSS 0.2%CVE-2026-34781LOWElectron crashes in clipboard.readImage() on malformed clipboard image dataEPSS 0.1%CVE-2026-34768LOWElectron: Unquoted executable path in app.setLoginItemSettings on WindowsEPSS 0.1%CVE-2024-46993MEDIUMElectron Vulnerable to Heap Buffer Overflow in NativeImage::CreateFromPathEPSS 0.1%CVE-2026-34778MEDIUMElectron: Service worker can spoof executeJavaScript IPC repliesEPSS 0.1%CVE-2026-34777MEDIUMElectron: Incorrect origin passed to permission request handler for iframe requestsEPSS 0.1%CVE-2024-46992HIGHElectron ASAR Integrity bypass by just modifying the contentEPSS 0.1%CVE-2026-34764LOWElectron has a use-after-free in offscreen shared texture release() callbackEPSS 0.1%