Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/electron@27.0.0-beta.8
Typenpm
Namespace
Nameelectron
Version27.0.0-beta.8
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version39.8.5
Latest_non_vulnerable_version42.0.0-alpha.5
Affected_by_vulnerabilities
0
url VCID-2keb-x1ty-8uat
vulnerability_id VCID-2keb-x1ty-8uat
summary Electron: Electron: Denial of Service via malformed clipboard image data
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34781.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34781.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34781
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00317
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34781
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/commit/a48f03fb8d03933547281ddb2dbb6c6b9e705287
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/a48f03fb8d03933547281ddb2dbb6c6b9e705287
4
reference_url https://github.com/electron/electron/pull/50475
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/50475
5
reference_url https://github.com/electron/electron/releases/tag/v39.8.5
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v39.8.5
6
reference_url https://github.com/electron/electron/releases/tag/v40.8.5
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v40.8.5
7
reference_url https://github.com/electron/electron/releases/tag/v41.1.0
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v41.1.0
8
reference_url https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5
9
reference_url https://github.com/electron/electron/security/advisories/GHSA-f37v-82c4-4x64
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T16:10:12Z/
url https://github.com/electron/electron/security/advisories/GHSA-f37v-82c4-4x64
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34781
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34781
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456279
reference_id 2456279
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456279
12
reference_url https://github.com/advisories/GHSA-f37v-82c4-4x64
reference_id GHSA-f37v-82c4-4x64
reference_type
scores
url https://github.com/advisories/GHSA-f37v-82c4-4x64
fixed_packages
0
url pkg:npm/electron@39.8.5
purl pkg:npm/electron@39.8.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.5
1
url pkg:npm/electron@40.8.5
purl pkg:npm/electron@40.8.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.5
2
url pkg:npm/electron@41.1.0
purl pkg:npm/electron@41.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.1.0
3
url pkg:npm/electron@42.0.0-alpha.5
purl pkg:npm/electron@42.0.0-alpha.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@42.0.0-alpha.5
aliases CVE-2026-34781, GHSA-f37v-82c4-4x64
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2keb-x1ty-8uat
1
url VCID-2wh9-gwvs-w7de
vulnerability_id VCID-2wh9-gwvs-w7de
summary 
Electron: AppleScript injection in app.moveToApplicationsFolder on macOS
### Impact
On macOS, `app.moveToApplicationsFolder()` used an AppleScript fallback path that did not properly handle certain characters in the application bundle path. Under specific conditions, a crafted launch path could lead to arbitrary AppleScript execution when the user accepted the move-to-Applications prompt.

Apps are only affected if they call `app.moveToApplicationsFolder()`. Apps that do not use this API are not affected.

### Workarounds
There are no app side workarounds, developers must update to a patched version of Electron.

### Fixed Versions
* `41.0.0-beta.8`
* `40.8.0`
* `39.8.1`
* `38.8.6`

### For more information
If there are any questions or comments about this advisory, please email [security@electronjs.org](mailto:security@electronjs.org)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34779
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01177
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34779
1
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
2
reference_url https://github.com/electron/electron/security/advisories/GHSA-5rqw-r77c-jp79
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:49:50Z/
url https://github.com/electron/electron/security/advisories/GHSA-5rqw-r77c-jp79
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34779
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34779
4
reference_url https://github.com/advisories/GHSA-5rqw-r77c-jp79
reference_id GHSA-5rqw-r77c-jp79
reference_type
scores
url https://github.com/advisories/GHSA-5rqw-r77c-jp79
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.0
purl pkg:npm/electron@40.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-fc35-txd2-n3fx
5
vulnerability VCID-qm2b-y2xm-ufcz
6
vulnerability VCID-sfs6-eem9-kkd7
7
vulnerability VCID-tbtz-qm3p-qkew
8
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.0
3
url pkg:npm/electron@41.0.0-beta.8
purl pkg:npm/electron@41.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-f3np-yfxu-kkch
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-qm2b-y2xm-ufcz
7
vulnerability VCID-sfs6-eem9-kkd7
8
vulnerability VCID-tbtz-qm3p-qkew
9
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8
aliases CVE-2026-34779, GHSA-5rqw-r77c-jp79
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wh9-gwvs-w7de
2
url VCID-39bj-4jxj-vfcd
vulnerability_id VCID-39bj-4jxj-vfcd
summary Electron: Electron: Use-after-free vulnerability leads to memory corruption or crash
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34772.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34772.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34772
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.0296
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34772
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-9w97-2464-8783
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:27:31Z/
url https://github.com/electron/electron/security/advisories/GHSA-9w97-2464-8783
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34772
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34772
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455005
reference_id 2455005
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455005
6
reference_url https://github.com/advisories/GHSA-9w97-2464-8783
reference_id GHSA-9w97-2464-8783
reference_type
scores
url https://github.com/advisories/GHSA-9w97-2464-8783
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.0
purl pkg:npm/electron@39.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-f3np-yfxu-kkch
6
vulnerability VCID-fc35-txd2-n3fx
7
vulnerability VCID-nu1t-cwrv-sqcx
8
vulnerability VCID-qm2b-y2xm-ufcz
9
vulnerability VCID-sfs6-eem9-kkd7
10
vulnerability VCID-sv4z-1stx-cba6
11
vulnerability VCID-tbtz-qm3p-qkew
12
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0
2
url pkg:npm/electron@40.7.0
purl pkg:npm/electron@40.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-nu1t-cwrv-sqcx
7
vulnerability VCID-qm2b-y2xm-ufcz
8
vulnerability VCID-sfs6-eem9-kkd7
9
vulnerability VCID-sv4z-1stx-cba6
10
vulnerability VCID-tbtz-qm3p-qkew
11
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0
3
url pkg:npm/electron@41.0.0-beta.7
purl pkg:npm/electron@41.0.0-beta.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-3p9m-snfr-ckdu
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5amq-7pw8-ufbs
5
vulnerability VCID-5ubr-1u28-myea
6
vulnerability VCID-6gw3-vnmy-e7cm
7
vulnerability VCID-7yd4-qkmc-a7ft
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-tbtz-qm3p-qkew
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.7
aliases CVE-2026-34772, GHSA-9w97-2464-8783
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39bj-4jxj-vfcd
3
url VCID-4sm1-hzbp-zydw
vulnerability_id VCID-4sm1-hzbp-zydw
summary Electron: Electron: Arbitrary code execution and security bypass via undocumented command-line switches
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34769.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34769.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34769
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00772
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34769
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-9wfr-w7mm-pc7f
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:34:49Z/
url https://github.com/electron/electron/security/advisories/GHSA-9wfr-w7mm-pc7f
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34769
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34769
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455004
reference_id 2455004
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455004
6
reference_url https://github.com/advisories/GHSA-9wfr-w7mm-pc7f
reference_id GHSA-9wfr-w7mm-pc7f
reference_type
scores
url https://github.com/advisories/GHSA-9wfr-w7mm-pc7f
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.0
purl pkg:npm/electron@39.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-f3np-yfxu-kkch
6
vulnerability VCID-fc35-txd2-n3fx
7
vulnerability VCID-nu1t-cwrv-sqcx
8
vulnerability VCID-qm2b-y2xm-ufcz
9
vulnerability VCID-sfs6-eem9-kkd7
10
vulnerability VCID-sv4z-1stx-cba6
11
vulnerability VCID-tbtz-qm3p-qkew
12
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0
2
url pkg:npm/electron@40.7.0
purl pkg:npm/electron@40.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-nu1t-cwrv-sqcx
7
vulnerability VCID-qm2b-y2xm-ufcz
8
vulnerability VCID-sfs6-eem9-kkd7
9
vulnerability VCID-sv4z-1stx-cba6
10
vulnerability VCID-tbtz-qm3p-qkew
11
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0
3
url pkg:npm/electron@41.0.0-beta.8
purl pkg:npm/electron@41.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-f3np-yfxu-kkch
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-qm2b-y2xm-ufcz
7
vulnerability VCID-sfs6-eem9-kkd7
8
vulnerability VCID-tbtz-qm3p-qkew
9
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8
aliases CVE-2026-34769, GHSA-9wfr-w7mm-pc7f
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sm1-hzbp-zydw
4
url VCID-5ubr-1u28-myea
vulnerability_id VCID-5ubr-1u28-myea
summary electron: Electron: HTTP Response Header Injection via attacker-controlled input
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34767.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34767.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34767
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01597
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34767
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-4p4r-m79c-wq3v
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:07:46Z/
url https://github.com/electron/electron/security/advisories/GHSA-4p4r-m79c-wq3v
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34767
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34767
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455000
reference_id 2455000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455000
6
reference_url https://github.com/advisories/GHSA-4p4r-m79c-wq3v
reference_id GHSA-4p4r-m79c-wq3v
reference_type
scores
url https://github.com/advisories/GHSA-4p4r-m79c-wq3v
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.3
purl pkg:npm/electron@39.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-6gw3-vnmy-e7cm
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.3
2
url pkg:npm/electron@40.8.3
purl pkg:npm/electron@40.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-6gw3-vnmy-e7cm
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.3
3
url pkg:npm/electron@41.0.3
purl pkg:npm/electron@41.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.3
aliases CVE-2026-34767, GHSA-4p4r-m79c-wq3v
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ubr-1u28-myea
5
url VCID-6gw3-vnmy-e7cm
vulnerability_id VCID-6gw3-vnmy-e7cm
summary Electron: Electron: Arbitrary code execution and information disclosure due to incorrect Node.js integration scoping
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34775.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34775
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02131
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34775
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-xwr5-m59h-vwqr
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:52:56Z/
url https://github.com/electron/electron/security/advisories/GHSA-xwr5-m59h-vwqr
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34775
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34775
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455023
reference_id 2455023
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455023
6
reference_url https://github.com/advisories/GHSA-xwr5-m59h-vwqr
reference_id GHSA-xwr5-m59h-vwqr
reference_type
scores
url https://github.com/advisories/GHSA-xwr5-m59h-vwqr
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.4
purl pkg:npm/electron@39.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.4
2
url pkg:npm/electron@40.8.4
purl pkg:npm/electron@40.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.4
3
url pkg:npm/electron@41.0.0
purl pkg:npm/electron@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0
aliases CVE-2026-34775, GHSA-xwr5-m59h-vwqr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6gw3-vnmy-e7cm
6
url VCID-7yd4-qkmc-a7ft
vulnerability_id VCID-7yd4-qkmc-a7ft
summary electron: Electron: Memory corruption or application crash via use-after-free in permission request handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34771.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34771.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34771
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04697
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34771
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-8337-3p73-46f4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T16:04:11Z/
url https://github.com/electron/electron/security/advisories/GHSA-8337-3p73-46f4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34771
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34771
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454995
reference_id 2454995
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454995
6
reference_url https://github.com/advisories/GHSA-8337-3p73-46f4
reference_id GHSA-8337-3p73-46f4
reference_type
scores
url https://github.com/advisories/GHSA-8337-3p73-46f4
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.0
purl pkg:npm/electron@39.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-f3np-yfxu-kkch
6
vulnerability VCID-fc35-txd2-n3fx
7
vulnerability VCID-nu1t-cwrv-sqcx
8
vulnerability VCID-qm2b-y2xm-ufcz
9
vulnerability VCID-sfs6-eem9-kkd7
10
vulnerability VCID-sv4z-1stx-cba6
11
vulnerability VCID-tbtz-qm3p-qkew
12
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0
2
url pkg:npm/electron@40.7.0
purl pkg:npm/electron@40.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-nu1t-cwrv-sqcx
7
vulnerability VCID-qm2b-y2xm-ufcz
8
vulnerability VCID-sfs6-eem9-kkd7
9
vulnerability VCID-sv4z-1stx-cba6
10
vulnerability VCID-tbtz-qm3p-qkew
11
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0
3
url pkg:npm/electron@41.0.0-beta.8
purl pkg:npm/electron@41.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-f3np-yfxu-kkch
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-qm2b-y2xm-ufcz
7
vulnerability VCID-sfs6-eem9-kkd7
8
vulnerability VCID-tbtz-qm3p-qkew
9
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8
aliases CVE-2026-34771, GHSA-8337-3p73-46f4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7yd4-qkmc-a7ft
7
url VCID-f3np-yfxu-kkch
vulnerability_id VCID-f3np-yfxu-kkch
summary Electron: Electron: Memory corruption and crash due to use-after-free in offscreen rendering
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34774.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34774.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34774
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05709
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34774
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-532v-xpq5-8h95
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:28:41Z/
url https://github.com/electron/electron/security/advisories/GHSA-532v-xpq5-8h95
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34774
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34774
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455026
reference_id 2455026
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455026
6
reference_url https://github.com/advisories/GHSA-532v-xpq5-8h95
reference_id GHSA-532v-xpq5-8h95
reference_type
scores
url https://github.com/advisories/GHSA-532v-xpq5-8h95
fixed_packages
0
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
1
url pkg:npm/electron@40.7.0
purl pkg:npm/electron@40.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-nu1t-cwrv-sqcx
7
vulnerability VCID-qm2b-y2xm-ufcz
8
vulnerability VCID-sfs6-eem9-kkd7
9
vulnerability VCID-sv4z-1stx-cba6
10
vulnerability VCID-tbtz-qm3p-qkew
11
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0
2
url pkg:npm/electron@41.0.0
purl pkg:npm/electron@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0
aliases CVE-2026-34774, GHSA-532v-xpq5-8h95
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f3np-yfxu-kkch
8
url VCID-fc35-txd2-n3fx
vulnerability_id VCID-fc35-txd2-n3fx
summary Electron: Electron: Information disclosure via crafted second-instance message
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34776.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34776.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34776
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01739
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34776
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-3c8v-cfp5-9885
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:31:24Z/
url https://github.com/electron/electron/security/advisories/GHSA-3c8v-cfp5-9885
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34776
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34776
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455021
reference_id 2455021
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455021
6
reference_url https://github.com/advisories/GHSA-3c8v-cfp5-9885
reference_id GHSA-3c8v-cfp5-9885
reference_type
scores
url https://github.com/advisories/GHSA-3c8v-cfp5-9885
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.1
purl pkg:npm/electron@40.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1
3
url pkg:npm/electron@41.0.0
purl pkg:npm/electron@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0
aliases CVE-2026-34776, GHSA-3c8v-cfp5-9885
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fc35-txd2-n3fx
9
url VCID-nb2y-xsnc-zyba
vulnerability_id VCID-nb2y-xsnc-zyba
summary Electron: Electron: Unauthorized USB device access via select-usb-device event callback validation bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34766.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34766.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34766
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.01083
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34766
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-9899-m83m-qhpj
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:07:01Z/
url https://github.com/electron/electron/security/advisories/GHSA-9899-m83m-qhpj
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34766
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34766
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454998
reference_id 2454998
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454998
6
reference_url https://github.com/advisories/GHSA-9899-m83m-qhpj
reference_id GHSA-9899-m83m-qhpj
reference_type
scores
url https://github.com/advisories/GHSA-9899-m83m-qhpj
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.0
purl pkg:npm/electron@39.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-f3np-yfxu-kkch
6
vulnerability VCID-fc35-txd2-n3fx
7
vulnerability VCID-nu1t-cwrv-sqcx
8
vulnerability VCID-qm2b-y2xm-ufcz
9
vulnerability VCID-sfs6-eem9-kkd7
10
vulnerability VCID-sv4z-1stx-cba6
11
vulnerability VCID-tbtz-qm3p-qkew
12
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0
2
url pkg:npm/electron@40.7.0
purl pkg:npm/electron@40.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-5amq-7pw8-ufbs
3
vulnerability VCID-5ubr-1u28-myea
4
vulnerability VCID-6gw3-vnmy-e7cm
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-nu1t-cwrv-sqcx
7
vulnerability VCID-qm2b-y2xm-ufcz
8
vulnerability VCID-sfs6-eem9-kkd7
9
vulnerability VCID-sv4z-1stx-cba6
10
vulnerability VCID-tbtz-qm3p-qkew
11
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0
3
url pkg:npm/electron@41.0.0-beta.8
purl pkg:npm/electron@41.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-f3np-yfxu-kkch
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-qm2b-y2xm-ufcz
7
vulnerability VCID-sfs6-eem9-kkd7
8
vulnerability VCID-tbtz-qm3p-qkew
9
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8
aliases CVE-2026-34766, GHSA-9899-m83m-qhpj
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nb2y-xsnc-zyba
10
url VCID-nu1t-cwrv-sqcx
vulnerability_id VCID-nu1t-cwrv-sqcx
summary electron: Electron: Arbitrary code execution via unquoted path in Run registry key
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34768.json
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34768.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34768
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00458
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34768
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-jfqx-fxh3-c62j
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:08:45Z/
url https://github.com/electron/electron/security/advisories/GHSA-jfqx-fxh3-c62j
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34768
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34768
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454996
reference_id 2454996
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454996
6
reference_url https://github.com/advisories/GHSA-jfqx-fxh3-c62j
reference_id GHSA-jfqx-fxh3-c62j
reference_type
scores
url https://github.com/advisories/GHSA-jfqx-fxh3-c62j
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.0
purl pkg:npm/electron@40.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-fc35-txd2-n3fx
5
vulnerability VCID-qm2b-y2xm-ufcz
6
vulnerability VCID-sfs6-eem9-kkd7
7
vulnerability VCID-tbtz-qm3p-qkew
8
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.0
3
url pkg:npm/electron@41.0.0-beta.8
purl pkg:npm/electron@41.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-f3np-yfxu-kkch
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-qm2b-y2xm-ufcz
7
vulnerability VCID-sfs6-eem9-kkd7
8
vulnerability VCID-tbtz-qm3p-qkew
9
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8
aliases CVE-2026-34768, GHSA-jfqx-fxh3-c62j
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nu1t-cwrv-sqcx
11
url VCID-qm2b-y2xm-ufcz
vulnerability_id VCID-qm2b-y2xm-ufcz
summary electron: Electron: Arbitrary code execution or information disclosure via incorrect window handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34765.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34765.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34765
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07712
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34765
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/releases/tag/v39.8.5
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v39.8.5
4
reference_url https://github.com/electron/electron/releases/tag/v40.8.5
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v40.8.5
5
reference_url https://github.com/electron/electron/releases/tag/v41.1.0
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v41.1.0
6
reference_url https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5
7
reference_url https://github.com/electron/electron/security/advisories/GHSA-f3pv-wv63-48x8
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:10Z/
url https://github.com/electron/electron/security/advisories/GHSA-f3pv-wv63-48x8
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34765
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34765
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456278
reference_id 2456278
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456278
10
reference_url https://github.com/advisories/GHSA-f3pv-wv63-48x8
reference_id GHSA-f3pv-wv63-48x8
reference_type
scores
url https://github.com/advisories/GHSA-f3pv-wv63-48x8
fixed_packages
0
url pkg:npm/electron@39.8.5
purl pkg:npm/electron@39.8.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.5
1
url pkg:npm/electron@40.8.5
purl pkg:npm/electron@40.8.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.5
2
url pkg:npm/electron@41.1.0
purl pkg:npm/electron@41.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.1.0
3
url pkg:npm/electron@42.0.0-alpha.5
purl pkg:npm/electron@42.0.0-alpha.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@42.0.0-alpha.5
aliases CVE-2026-34765, GHSA-f3pv-wv63-48x8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm2b-y2xm-ufcz
12
url VCID-sfs6-eem9-kkd7
vulnerability_id VCID-sfs6-eem9-kkd7
summary Electron: Electron: Unauthorized permission granting and information disclosure via incorrect iframe origin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34777.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34777.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34777
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00377
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34777
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-r5p7-gp4j-qhrx
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:32:48Z/
url https://github.com/electron/electron/security/advisories/GHSA-r5p7-gp4j-qhrx
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34777
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34777
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455022
reference_id 2455022
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455022
6
reference_url https://github.com/advisories/GHSA-r5p7-gp4j-qhrx
reference_id GHSA-r5p7-gp4j-qhrx
reference_type
scores
url https://github.com/advisories/GHSA-r5p7-gp4j-qhrx
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.1
purl pkg:npm/electron@40.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1
3
url pkg:npm/electron@41.0.0
purl pkg:npm/electron@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0
aliases CVE-2026-34777, GHSA-r5p7-gp4j-qhrx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sfs6-eem9-kkd7
13
url VCID-sv4z-1stx-cba6
vulnerability_id VCID-sv4z-1stx-cba6
summary 
Electron: Use-after-free in PowerMonitor on Windows and macOS
### Impact
Apps that use the `powerMonitor` module may be vulnerable to a use-after-free. After the native `PowerMonitor` object is garbage-collected, the associated OS-level resources (a message window on Windows, a shutdown handler on macOS) retain dangling references. A subsequent session-change event (Windows) or system shutdown (macOS) dereferences freed memory, which may lead to a crash or memory corruption.

All apps that access `powerMonitor` events (`suspend`, `resume`, `lock-screen`, etc.) are potentially affected. The issue is not directly renderer-controllable.

### Workarounds
There are no app side workarounds, you must update to a patched version of Electron.

### Fixed Versions
* `41.0.0-beta.8`
* `40.8.0`
* `39.8.1`
* `38.8.6`

### For more information
If there are any questions or comments about this advisory, please email [security@electronjs.org](mailto:security@electronjs.org)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34770
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.0296
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34770
1
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
2
reference_url https://github.com/electron/electron/security/advisories/GHSA-jjp3-mq3x-295m
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T19:09:58Z/
url https://github.com/electron/electron/security/advisories/GHSA-jjp3-mq3x-295m
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34770
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34770
4
reference_url https://github.com/advisories/GHSA-jjp3-mq3x-295m
reference_id GHSA-jjp3-mq3x-295m
reference_type
scores
url https://github.com/advisories/GHSA-jjp3-mq3x-295m
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.0
purl pkg:npm/electron@40.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-fc35-txd2-n3fx
5
vulnerability VCID-qm2b-y2xm-ufcz
6
vulnerability VCID-sfs6-eem9-kkd7
7
vulnerability VCID-tbtz-qm3p-qkew
8
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.0
3
url pkg:npm/electron@41.0.0-beta.8
purl pkg:npm/electron@41.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-f3np-yfxu-kkch
5
vulnerability VCID-fc35-txd2-n3fx
6
vulnerability VCID-qm2b-y2xm-ufcz
7
vulnerability VCID-sfs6-eem9-kkd7
8
vulnerability VCID-tbtz-qm3p-qkew
9
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8
aliases CVE-2026-34770, GHSA-jjp3-mq3x-295m
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sv4z-1stx-cba6
14
url VCID-tbtz-qm3p-qkew
vulnerability_id VCID-tbtz-qm3p-qkew
summary Electron: Electron: Integrity issue due to IPC channel spoofing by a service worker
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34778.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34778.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34778
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00455
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34778
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-xj5x-m3f3-5x3h
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:50:39Z/
url https://github.com/electron/electron/security/advisories/GHSA-xj5x-m3f3-5x3h
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34778
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34778
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455024
reference_id 2455024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455024
6
reference_url https://github.com/advisories/GHSA-xj5x-m3f3-5x3h
reference_id GHSA-xj5x-m3f3-5x3h
reference_type
scores
url https://github.com/advisories/GHSA-xj5x-m3f3-5x3h
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.1
purl pkg:npm/electron@40.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1
3
url pkg:npm/electron@41.0.0
purl pkg:npm/electron@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0
aliases CVE-2026-34778, GHSA-xj5x-m3f3-5x3h
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbtz-qm3p-qkew
15
url VCID-ttk4-u34e-bkeb
vulnerability_id VCID-ttk4-u34e-bkeb
summary 
Electron vulnerable to Heap Buffer Overflow in NativeImage
### Impact
The `nativeImage.createFromPath()` and `nativeImage.createFromBuffer()` functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents.

### Workaround
There are no app-side workarounds for this issue. You must update your Electron version to be protected.

### Patches

- `v28.3.2`
- `v29.3.3`
- `v30.0.3`

### For More Information

If you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-46993
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14663
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-46993
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-6r2x-8pq8-9489
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-01T13:45:02Z/
url https://github.com/electron/electron/security/advisories/GHSA-6r2x-8pq8-9489
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-46993
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-46993
5
reference_url https://github.com/advisories/GHSA-6r2x-8pq8-9489
reference_id GHSA-6r2x-8pq8-9489
reference_type
scores
url https://github.com/advisories/GHSA-6r2x-8pq8-9489
fixed_packages
0
url pkg:npm/electron@28.3.2
purl pkg:npm/electron@28.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-z93p-zdev-h3ck
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@28.3.2
1
url pkg:npm/electron@29.3.3
purl pkg:npm/electron@29.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-z93p-zdev-h3ck
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@29.3.3
2
url pkg:npm/electron@30.0.3
purl pkg:npm/electron@30.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-h36d-2pfj-ykdv
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-tbtz-qm3p-qkew
16
vulnerability VCID-z93p-zdev-h3ck
17
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@30.0.3
aliases CVE-2024-46993, GHSA-6r2x-8pq8-9489
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ttk4-u34e-bkeb
16
url VCID-z93p-zdev-h3ck
vulnerability_id VCID-z93p-zdev-h3ck
summary electron: ASAR Integrity Bypass via resource modification
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55305.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55305.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55305
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.0079
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55305
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/commit/23a02934510fcf951428e14573d9b2d2a3c4f28b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/commit/23a02934510fcf951428e14573d9b2d2a3c4f28b
4
reference_url https://github.com/electron/electron/commit/2e5a0b7220ebf955c6785cc5adb2e2b1cf77dac1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/commit/2e5a0b7220ebf955c6785cc5adb2e2b1cf77dac1
5
reference_url https://github.com/electron/electron/commit/3f92511cdecc39f46b0e86cce40a0c691e301c9d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/commit/3f92511cdecc39f46b0e86cce40a0c691e301c9d
6
reference_url https://github.com/electron/electron/commit/fdf29ce83870109d403f5c23ae529dbd0e8f4fee
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/commit/fdf29ce83870109d403f5c23ae529dbd0e8f4fee
7
reference_url https://github.com/electron/electron/pull/48101
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/pull/48101
8
reference_url https://github.com/electron/electron/pull/48102
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/pull/48102
9
reference_url https://github.com/electron/electron/pull/48103
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/pull/48103
10
reference_url https://github.com/electron/electron/pull/48104
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/pull/48104
11
reference_url https://github.com/electron/electron/security/advisories/GHSA-vmqv-hx8q-j7mg
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/
url https://github.com/electron/electron/security/advisories/GHSA-vmqv-hx8q-j7mg
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55305
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55305
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2393398
reference_id 2393398
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2393398
14
reference_url https://github.com/advisories/GHSA-vmqv-hx8q-j7mg
reference_id GHSA-vmqv-hx8q-j7mg
reference_type
scores
url https://github.com/advisories/GHSA-vmqv-hx8q-j7mg
fixed_packages
0
url pkg:npm/electron@35.7.5
purl pkg:npm/electron@35.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5amq-7pw8-ufbs
5
vulnerability VCID-5ubr-1u28-myea
6
vulnerability VCID-6gw3-vnmy-e7cm
7
vulnerability VCID-7yd4-qkmc-a7ft
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-tbtz-qm3p-qkew
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@35.7.5
1
url pkg:npm/electron@36.8.1
purl pkg:npm/electron@36.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5amq-7pw8-ufbs
5
vulnerability VCID-5ubr-1u28-myea
6
vulnerability VCID-6gw3-vnmy-e7cm
7
vulnerability VCID-7yd4-qkmc-a7ft
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-tbtz-qm3p-qkew
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@36.8.1
2
url pkg:npm/electron@37.3.1
purl pkg:npm/electron@37.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5amq-7pw8-ufbs
5
vulnerability VCID-5ubr-1u28-myea
6
vulnerability VCID-6gw3-vnmy-e7cm
7
vulnerability VCID-7yd4-qkmc-a7ft
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-tbtz-qm3p-qkew
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@37.3.1
3
url pkg:npm/electron@38.0.0-beta.6
purl pkg:npm/electron@38.0.0-beta.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5amq-7pw8-ufbs
5
vulnerability VCID-5ubr-1u28-myea
6
vulnerability VCID-6gw3-vnmy-e7cm
7
vulnerability VCID-7yd4-qkmc-a7ft
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-tbtz-qm3p-qkew
16
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.0.0-beta.6
aliases CVE-2025-55305, GHSA-vmqv-hx8q-j7mg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z93p-zdev-h3ck
17
url VCID-zqp2-ye81-t7d7
vulnerability_id VCID-zqp2-ye81-t7d7
summary electron: Electron: Protocol handler hijacking via improper validation of protocol names
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34773.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34773.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34773
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06823
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34773
2
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-mwmh-mq4g-g6gr
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T16:03:47Z/
url https://github.com/electron/electron/security/advisories/GHSA-mwmh-mq4g-g6gr
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34773
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34773
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455025
reference_id 2455025
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455025
6
reference_url https://github.com/advisories/GHSA-mwmh-mq4g-g6gr
reference_id GHSA-mwmh-mq4g-g6gr
reference_type
scores
url https://github.com/advisories/GHSA-mwmh-mq4g-g6gr
fixed_packages
0
url pkg:npm/electron@38.8.6
purl pkg:npm/electron@38.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-f3np-yfxu-kkch
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6
1
url pkg:npm/electron@39.8.1
purl pkg:npm/electron@39.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1
2
url pkg:npm/electron@40.8.1
purl pkg:npm/electron@40.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-6gw3-vnmy-e7cm
4
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1
3
url pkg:npm/electron@41.0.0
purl pkg:npm/electron@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-5amq-7pw8-ufbs
2
vulnerability VCID-5ubr-1u28-myea
3
vulnerability VCID-qm2b-y2xm-ufcz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0
aliases CVE-2026-34773, GHSA-mwmh-mq4g-g6gr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zqp2-ye81-t7d7
Fixing_vulnerabilities
0
url VCID-gwvj-7ub4-c3g7
vulnerability_id VCID-gwvj-7ub4-c3g7
summary Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5217
reference_id
reference_type
scores
0
value 0.04976
scoring_system epss
scoring_elements 0.89837
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5217
2
reference_url https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software
3
reference_url https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2241191
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2241191
5
reference_url https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
6
reference_url https://crbug.com/1486441
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://crbug.com/1486441
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
13
reference_url http://seclists.org/fulldisclosure/2023/Oct/12
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://seclists.org/fulldisclosure/2023/Oct/12
14
reference_url http://seclists.org/fulldisclosure/2023/Oct/16
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://seclists.org/fulldisclosure/2023/Oct/16
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
17
reference_url https://github.com/electron/electron/pull/40022
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/40022
18
reference_url https://github.com/electron/electron/pull/40023
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/40023
19
reference_url https://github.com/electron/electron/pull/40024
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/40024
20
reference_url https://github.com/electron/electron/pull/40025
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/40025
21
reference_url https://github.com/electron/electron/pull/40026
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/40026
22
reference_url https://github.com/electron/electron/releases/tag/v22.3.25
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v22.3.25
23
reference_url https://github.com/electron/electron/releases/tag/v24.8.5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v24.8.5
24
reference_url https://github.com/electron/electron/releases/tag/v25.8.4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v25.8.4
25
reference_url https://github.com/electron/electron/releases/tag/v26.2.4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v26.2.4
26
reference_url https://github.com/electron/electron/releases/tag/v27.0.0-beta.8
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v27.0.0-beta.8
27
reference_url https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
28
reference_url https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
29
reference_url https://github.com/webmproject/libvpx/releases/tag/v1.13.1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://github.com/webmproject/libvpx/releases/tag/v1.13.1
30
reference_url https://github.com/webmproject/libvpx/tags
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://github.com/webmproject/libvpx/tags
31
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html
32
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
33
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6
42
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
43
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB
44
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I
45
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
46
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5217
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5217
47
reference_url https://pastebin.com/TdkC4pDv
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://pastebin.com/TdkC4pDv
48
reference_url https://security.gentoo.org/glsa/202310-04
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://security.gentoo.org/glsa/202310-04
49
reference_url https://security.gentoo.org/glsa/202401-34
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://security.gentoo.org/glsa/202401-34
50
reference_url https://security-tracker.debian.org/tracker/CVE-2023-5217
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://security-tracker.debian.org/tracker/CVE-2023-5217
51
reference_url https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217
52
reference_url https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/
53
reference_url https://support.apple.com/kb/HT213961
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://support.apple.com/kb/HT213961
54
reference_url https://support.apple.com/kb/HT213972
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://support.apple.com/kb/HT213972
55
reference_url https://twitter.com/maddiestone/status/1707163313711497266
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://twitter.com/maddiestone/status/1707163313711497266
56
reference_url https://www.debian.org/security/2023/dsa-5508
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://www.debian.org/security/2023/dsa-5508
57
reference_url https://www.debian.org/security/2023/dsa-5509
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://www.debian.org/security/2023/dsa-5509
58
reference_url https://www.debian.org/security/2023/dsa-5510
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://www.debian.org/security/2023/dsa-5510
59
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
60
reference_url https://www.openwall.com/lists/oss-security/2023/09/28/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://www.openwall.com/lists/oss-security/2023/09/28/5
61
reference_url http://www.openwall.com/lists/oss-security/2023/09/28/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/28/5
62
reference_url http://www.openwall.com/lists/oss-security/2023/09/28/6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/28/6
63
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/1
64
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/11
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/11
65
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/12
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/12
66
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/14
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/14
67
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/2
68
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/7
69
reference_url http://www.openwall.com/lists/oss-security/2023/09/29/9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/29/9
70
reference_url http://www.openwall.com/lists/oss-security/2023/09/30/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/30/1
71
reference_url http://www.openwall.com/lists/oss-security/2023/09/30/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/30/2
72
reference_url http://www.openwall.com/lists/oss-security/2023/09/30/3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/30/3
73
reference_url http://www.openwall.com/lists/oss-security/2023/09/30/4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/30/4
74
reference_url http://www.openwall.com/lists/oss-security/2023/09/30/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/09/30/5
75
reference_url http://www.openwall.com/lists/oss-security/2023/10/01/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/10/01/1
76
reference_url http://www.openwall.com/lists/oss-security/2023/10/01/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/10/01/2
77
reference_url http://www.openwall.com/lists/oss-security/2023/10/01/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/10/01/5
78
reference_url http://www.openwall.com/lists/oss-security/2023/10/02/6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/10/02/6
79
reference_url http://www.openwall.com/lists/oss-security/2023/10/03/11
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url http://www.openwall.com/lists/oss-security/2023/10/03/11
80
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182
reference_id 1053182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
reference_id AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
82
reference_url https://github.com/advisories/GHSA-qqvq-6xgj-jw8g
reference_id GHSA-qqvq-6xgj-jw8g
reference_type
scores
url https://github.com/advisories/GHSA-qqvq-6xgj-jw8g
83
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-44
reference_id mfsa2023-44
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value critical
scoring_system generic_textual
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-44
84
reference_url https://access.redhat.com/errata/RHSA-2023:5426
reference_id RHSA-2023:5426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5426
85
reference_url https://access.redhat.com/errata/RHSA-2023:5427
reference_id RHSA-2023:5427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5427
86
reference_url https://access.redhat.com/errata/RHSA-2023:5428
reference_id RHSA-2023:5428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5428
87
reference_url https://access.redhat.com/errata/RHSA-2023:5429
reference_id RHSA-2023:5429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5429
88
reference_url https://access.redhat.com/errata/RHSA-2023:5430
reference_id RHSA-2023:5430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5430
89
reference_url https://access.redhat.com/errata/RHSA-2023:5432
reference_id RHSA-2023:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5432
90
reference_url https://access.redhat.com/errata/RHSA-2023:5433
reference_id RHSA-2023:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5433
91
reference_url https://access.redhat.com/errata/RHSA-2023:5434
reference_id RHSA-2023:5434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5434
92
reference_url https://access.redhat.com/errata/RHSA-2023:5435
reference_id RHSA-2023:5435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5435
93
reference_url https://access.redhat.com/errata/RHSA-2023:5436
reference_id RHSA-2023:5436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5436
94
reference_url https://access.redhat.com/errata/RHSA-2023:5437
reference_id RHSA-2023:5437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5437
95
reference_url https://access.redhat.com/errata/RHSA-2023:5438
reference_id RHSA-2023:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5438
96
reference_url https://access.redhat.com/errata/RHSA-2023:5439
reference_id RHSA-2023:5439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5439
97
reference_url https://access.redhat.com/errata/RHSA-2023:5440
reference_id RHSA-2023:5440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5440
98
reference_url https://access.redhat.com/errata/RHSA-2023:5475
reference_id RHSA-2023:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5475
99
reference_url https://access.redhat.com/errata/RHSA-2023:5477
reference_id RHSA-2023:5477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5477
100
reference_url https://access.redhat.com/errata/RHSA-2023:5534
reference_id RHSA-2023:5534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5534
101
reference_url https://access.redhat.com/errata/RHSA-2023:5535
reference_id RHSA-2023:5535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5535
102
reference_url https://access.redhat.com/errata/RHSA-2023:5536
reference_id RHSA-2023:5536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5536
103
reference_url https://access.redhat.com/errata/RHSA-2023:5537
reference_id RHSA-2023:5537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5537
104
reference_url https://access.redhat.com/errata/RHSA-2023:5538
reference_id RHSA-2023:5538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5538
105
reference_url https://access.redhat.com/errata/RHSA-2023:5539
reference_id RHSA-2023:5539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5539
106
reference_url https://access.redhat.com/errata/RHSA-2023:5540
reference_id RHSA-2023:5540
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5540
107
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
reference_id TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
108
reference_url https://usn.ubuntu.com/6403-1/
reference_id USN-6403-1
reference_type
scores
url https://usn.ubuntu.com/6403-1/
109
reference_url https://usn.ubuntu.com/6403-2/
reference_id USN-6403-2
reference_type
scores
url https://usn.ubuntu.com/6403-2/
110
reference_url https://usn.ubuntu.com/6403-3/
reference_id USN-6403-3
reference_type
scores
url https://usn.ubuntu.com/6403-3/
111
reference_url https://usn.ubuntu.com/6404-1/
reference_id USN-6404-1
reference_type
scores
url https://usn.ubuntu.com/6404-1/
112
reference_url https://usn.ubuntu.com/6405-1/
reference_id USN-6405-1
reference_type
scores
url https://usn.ubuntu.com/6405-1/
113
reference_url https://usn.ubuntu.com/7172-1/
reference_id USN-7172-1
reference_type
scores
url https://usn.ubuntu.com/7172-1/
fixed_packages
0
url pkg:npm/electron@22.3.25
purl pkg:npm/electron@22.3.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-ttk4-u34e-bkeb
16
vulnerability VCID-z93p-zdev-h3ck
17
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.25
1
url pkg:npm/electron@23.0.0-alpha.1
purl pkg:npm/electron@23.0.0-alpha.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-dm93-f76y-8kb6
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-gqzu-23pu-rkc8
11
vulnerability VCID-nb2y-xsnc-zyba
12
vulnerability VCID-nu1t-cwrv-sqcx
13
vulnerability VCID-q59j-ednk-7yd3
14
vulnerability VCID-qm2b-y2xm-ufcz
15
vulnerability VCID-sfs6-eem9-kkd7
16
vulnerability VCID-sv4z-1stx-cba6
17
vulnerability VCID-t318-kt6a-97fm
18
vulnerability VCID-tbtz-qm3p-qkew
19
vulnerability VCID-ttk4-u34e-bkeb
20
vulnerability VCID-z93p-zdev-h3ck
21
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@23.0.0-alpha.1
2
url pkg:npm/electron@24.8.5
purl pkg:npm/electron@24.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-ttk4-u34e-bkeb
16
vulnerability VCID-z93p-zdev-h3ck
17
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@24.8.5
3
url pkg:npm/electron@25.0.0-alpha.1
purl pkg:npm/electron@25.0.0-alpha.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-dm93-f76y-8kb6
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-gqzu-23pu-rkc8
11
vulnerability VCID-nb2y-xsnc-zyba
12
vulnerability VCID-nu1t-cwrv-sqcx
13
vulnerability VCID-qm2b-y2xm-ufcz
14
vulnerability VCID-sfs6-eem9-kkd7
15
vulnerability VCID-sv4z-1stx-cba6
16
vulnerability VCID-t318-kt6a-97fm
17
vulnerability VCID-tbtz-qm3p-qkew
18
vulnerability VCID-ttk4-u34e-bkeb
19
vulnerability VCID-z93p-zdev-h3ck
20
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.0.0-alpha.1
4
url pkg:npm/electron@25.8.4
purl pkg:npm/electron@25.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-ttk4-u34e-bkeb
16
vulnerability VCID-z93p-zdev-h3ck
17
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.8.4
5
url pkg:npm/electron@26.0.0-alpha.1
purl pkg:npm/electron@26.0.0-alpha.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-dm93-f76y-8kb6
8
vulnerability VCID-f3np-yfxu-kkch
9
vulnerability VCID-fc35-txd2-n3fx
10
vulnerability VCID-nb2y-xsnc-zyba
11
vulnerability VCID-nu1t-cwrv-sqcx
12
vulnerability VCID-qm2b-y2xm-ufcz
13
vulnerability VCID-sfs6-eem9-kkd7
14
vulnerability VCID-sv4z-1stx-cba6
15
vulnerability VCID-t318-kt6a-97fm
16
vulnerability VCID-tbtz-qm3p-qkew
17
vulnerability VCID-ttk4-u34e-bkeb
18
vulnerability VCID-z93p-zdev-h3ck
19
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.0.0-alpha.1
6
url pkg:npm/electron@26.2.4
purl pkg:npm/electron@26.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-ttk4-u34e-bkeb
16
vulnerability VCID-z93p-zdev-h3ck
17
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.2.4
7
url pkg:npm/electron@27.0.0-beta.8
purl pkg:npm/electron@27.0.0-beta.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2keb-x1ty-8uat
1
vulnerability VCID-2wh9-gwvs-w7de
2
vulnerability VCID-39bj-4jxj-vfcd
3
vulnerability VCID-4sm1-hzbp-zydw
4
vulnerability VCID-5ubr-1u28-myea
5
vulnerability VCID-6gw3-vnmy-e7cm
6
vulnerability VCID-7yd4-qkmc-a7ft
7
vulnerability VCID-f3np-yfxu-kkch
8
vulnerability VCID-fc35-txd2-n3fx
9
vulnerability VCID-nb2y-xsnc-zyba
10
vulnerability VCID-nu1t-cwrv-sqcx
11
vulnerability VCID-qm2b-y2xm-ufcz
12
vulnerability VCID-sfs6-eem9-kkd7
13
vulnerability VCID-sv4z-1stx-cba6
14
vulnerability VCID-tbtz-qm3p-qkew
15
vulnerability VCID-ttk4-u34e-bkeb
16
vulnerability VCID-z93p-zdev-h3ck
17
vulnerability VCID-zqp2-ye81-t7d7
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-beta.8
aliases CVE-2023-5217, GHSA-qqvq-6xgj-jw8g
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gwvj-7ub4-c3g7
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-beta.8