{"url":"http://public2.vulnerablecode.io/api/packages/672780?format=json","purl":"pkg:npm/electron@22.3.21","type":"npm","namespace":"","name":"electron","version":"22.3.21","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"39.8.5","latest_non_vulnerable_version":"42.0.0-alpha.5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63637?format=json","vulnerability_id":"VCID-2kk5-3p41-kycs","summary":"electron: Electron: Protocol handler hijacking via improper validation of protocol names","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34773.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34773","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06694","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34773"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-mwmh-mq4g-g6gr","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T16:03:47Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-mwmh-mq4g-g6gr"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34773","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34773"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455025","reference_id":"2455025","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455025"},{"reference_url":"https://github.com/advisories/GHSA-mwmh-mq4g-g6gr","reference_id":"GHSA-mwmh-mq4g-g6gr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mwmh-mq4g-g6gr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109949?format=json","purl":"pkg:npm/electron@40.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109869?format=json","purl":"pkg:npm/electron@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0"}],"aliases":["CVE-2026-34773","GHSA-mwmh-mq4g-g6gr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2kk5-3p41-kycs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63645?format=json","vulnerability_id":"VCID-3wxh-7cvs-g3et","summary":"Electron: Electron: Arbitrary code execution and security bypass via undocumented command-line switches","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34769.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34769.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34769","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01636","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34769"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-9wfr-w7mm-pc7f","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:34:49Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-9wfr-w7mm-pc7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34769","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34769"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455004","reference_id":"2455004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455004"},{"reference_url":"https://github.com/advisories/GHSA-9wfr-w7mm-pc7f","reference_id":"GHSA-9wfr-w7mm-pc7f","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9wfr-w7mm-pc7f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/110321?format=json","purl":"pkg:npm/electron@39.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110322?format=json","purl":"pkg:npm/electron@40.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110558?format=json","purl":"pkg:npm/electron@41.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8"}],"aliases":["CVE-2026-34769","GHSA-9wfr-w7mm-pc7f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wxh-7cvs-g3et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63633?format=json","vulnerability_id":"VCID-4u89-87dg-zqdt","summary":"Electron: Electron: Information disclosure via crafted second-instance message","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34776.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34776","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01714","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34776"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-3c8v-cfp5-9885","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:31:24Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-3c8v-cfp5-9885"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34776","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34776"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455021","reference_id":"2455021","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455021"},{"reference_url":"https://github.com/advisories/GHSA-3c8v-cfp5-9885","reference_id":"GHSA-3c8v-cfp5-9885","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3c8v-cfp5-9885"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109949?format=json","purl":"pkg:npm/electron@40.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109869?format=json","purl":"pkg:npm/electron@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0"}],"aliases":["CVE-2026-34776","GHSA-3c8v-cfp5-9885"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4u89-87dg-zqdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63336?format=json","vulnerability_id":"VCID-5cmc-cnnq-xyhw","summary":"Electron: Electron: Denial of Service via malformed clipboard image data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34781.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34781","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34781"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/commit/a48f03fb8d03933547281ddb2dbb6c6b9e705287","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/commit/a48f03fb8d03933547281ddb2dbb6c6b9e705287"},{"reference_url":"https://github.com/electron/electron/pull/50475","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/50475"},{"reference_url":"https://github.com/electron/electron/releases/tag/v39.8.5","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v39.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v40.8.5","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v40.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v41.1.0","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v41.1.0"},{"reference_url":"https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-f37v-82c4-4x64","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T16:10:12Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-f37v-82c4-4x64"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34781","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34781"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456279","reference_id":"2456279","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456279"},{"reference_url":"https://github.com/advisories/GHSA-f37v-82c4-4x64","reference_id":"GHSA-f37v-82c4-4x64","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-f37v-82c4-4x64"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/111155?format=json","purl":"pkg:npm/electron@39.8.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/111158?format=json","purl":"pkg:npm/electron@40.8.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/111161?format=json","purl":"pkg:npm/electron@41.1.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/111164?format=json","purl":"pkg:npm/electron@42.0.0-alpha.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@42.0.0-alpha.5"}],"aliases":["CVE-2026-34781","GHSA-f37v-82c4-4x64"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5cmc-cnnq-xyhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63636?format=json","vulnerability_id":"VCID-5w4g-q3st-m7hf","summary":"Electron: Electron: Memory corruption and crash due to use-after-free in offscreen rendering","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34774.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34774","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05536","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34774"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-532v-xpq5-8h95","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:28:41Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-532v-xpq5-8h95"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34774","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34774"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455026","reference_id":"2455026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455026"},{"reference_url":"https://github.com/advisories/GHSA-532v-xpq5-8h95","reference_id":"GHSA-532v-xpq5-8h95","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-532v-xpq5-8h95"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/110322?format=json","purl":"pkg:npm/electron@40.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/109869?format=json","purl":"pkg:npm/electron@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0"}],"aliases":["CVE-2026-34774","GHSA-532v-xpq5-8h95"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5w4g-q3st-m7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63643?format=json","vulnerability_id":"VCID-6vad-u5vg-dba5","summary":"Electron: Electron: Unauthorized USB device access via select-usb-device event callback validation bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34766.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34766.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34766","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01087","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34766"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-9899-m83m-qhpj","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:07:01Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-9899-m83m-qhpj"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34766","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34766"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454998","reference_id":"2454998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454998"},{"reference_url":"https://github.com/advisories/GHSA-9899-m83m-qhpj","reference_id":"GHSA-9899-m83m-qhpj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9899-m83m-qhpj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/110321?format=json","purl":"pkg:npm/electron@39.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110322?format=json","purl":"pkg:npm/electron@40.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110558?format=json","purl":"pkg:npm/electron@41.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8"}],"aliases":["CVE-2026-34766","GHSA-9899-m83m-qhpj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vad-u5vg-dba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58057?format=json","vulnerability_id":"VCID-7c28-bmu2-qbcs","summary":"Electron has ASAR Integrity Bypass via resource modification\nThis only impacts apps that have the `embeddedAsarIntegrityValidation` and `onlyLoadAppFromAsar` [fuses](https://www.electronjs.org/docs/latest/tutorial/fuses) enabled.  Apps without these fuses enabled are not impacted.\n\nSpecifically this issue can only be exploited if your app is launched from a filesystem the attacker has write access too.  i.e. the ability to edit files inside the `resources` folder in your app installation on Windows which these fuses are supposed to protect against.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55305.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55305","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00958","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55305"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/commit/23a02934510fcf951428e14573d9b2d2a3c4f28b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/commit/23a02934510fcf951428e14573d9b2d2a3c4f28b"},{"reference_url":"https://github.com/electron/electron/commit/2e5a0b7220ebf955c6785cc5adb2e2b1cf77dac1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/commit/2e5a0b7220ebf955c6785cc5adb2e2b1cf77dac1"},{"reference_url":"https://github.com/electron/electron/commit/3f92511cdecc39f46b0e86cce40a0c691e301c9d","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/commit/3f92511cdecc39f46b0e86cce40a0c691e301c9d"},{"reference_url":"https://github.com/electron/electron/commit/fdf29ce83870109d403f5c23ae529dbd0e8f4fee","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/commit/fdf29ce83870109d403f5c23ae529dbd0e8f4fee"},{"reference_url":"https://github.com/electron/electron/pull/48101","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/pull/48101"},{"reference_url":"https://github.com/electron/electron/pull/48102","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/pull/48102"},{"reference_url":"https://github.com/electron/electron/pull/48103","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/pull/48103"},{"reference_url":"https://github.com/electron/electron/pull/48104","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/pull/48104"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393398","reference_id":"2393398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393398"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55305","reference_id":"CVE-2025-55305","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55305"},{"reference_url":"https://github.com/advisories/GHSA-vmqv-hx8q-j7mg","reference_id":"GHSA-vmqv-hx8q-j7mg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vmqv-hx8q-j7mg"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-vmqv-hx8q-j7mg","reference_id":"GHSA-vmqv-hx8q-j7mg","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T15:44:19Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-vmqv-hx8q-j7mg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86376?format=json","purl":"pkg:npm/electron@35.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@35.7.5"},{"url":"http://public2.vulnerablecode.io/api/packages/86377?format=json","purl":"pkg:npm/electron@36.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@36.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/86378?format=json","purl":"pkg:npm/electron@37.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@37.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/86379?format=json","purl":"pkg:npm/electron@38.0.0-beta.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.0.0-beta.6"}],"aliases":["CVE-2025-55305","GHSA-vmqv-hx8q-j7mg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7c28-bmu2-qbcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46534?format=json","vulnerability_id":"VCID-de1j-4qwd-duab","summary":"ASAR Integrity bypass via filetype confusion in electron\nThis only impacts apps that have the `embeddedAsarIntegrityValidation` and `onlyLoadAppFromAsar` [fuses](https://www.electronjs.org/docs/latest/tutorial/fuses) enabled.  Apps without these fuses enabled are not impacted.  This issue is specific to macOS as these fuses are only currently supported on macOS.\n\nSpecifically this issue can only be exploited if your app is launched from a filesystem the attacker has write access too.  i.e. the ability to edit files inside the `resources` folder in your app installation on Windows which these fuses are supposed to protect against.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44402","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29775","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44402"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/pull/39788","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39788"},{"reference_url":"https://www.electronjs.org/docs/latest/tutorial/fuses","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.electronjs.org/docs/latest/tutorial/fuses"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44402","reference_id":"CVE-2023-44402","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44402"},{"reference_url":"https://github.com/advisories/GHSA-7m48-wc93-9g85","reference_id":"GHSA-7m48-wc93-9g85","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7m48-wc93-9g85"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-7m48-wc93-9g85","reference_id":"GHSA-7m48-wc93-9g85","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/security/advisories/GHSA-7m48-wc93-9g85"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66909?format=json","purl":"pkg:npm/electron@22.3.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.24"},{"url":"http://public2.vulnerablecode.io/api/packages/66910?format=json","purl":"pkg:npm/electron@24.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@24.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/66911?format=json","purl":"pkg:npm/electron@25.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66912?format=json","purl":"pkg:npm/electron@26.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/68004?format=json","purl":"pkg:npm/electron@27.0.0-alpha.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-alpha.7"},{"url":"http://public2.vulnerablecode.io/api/packages/66908?format=json","purl":"pkg:npm/electron@27.0.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-k669-cacz-9fcd"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-beta.1"}],"aliases":["CVE-2023-44402","GHSA-7m48-wc93-9g85"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-de1j-4qwd-duab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63638?format=json","vulnerability_id":"VCID-df1y-n1s8-x3g4","summary":"Electron: Electron: Use-after-free vulnerability leads to memory corruption or crash","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34772.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34772","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02901","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34772"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-9w97-2464-8783","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:27:31Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-9w97-2464-8783"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34772","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34772"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455005","reference_id":"2455005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455005"},{"reference_url":"https://github.com/advisories/GHSA-9w97-2464-8783","reference_id":"GHSA-9w97-2464-8783","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9w97-2464-8783"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/110321?format=json","purl":"pkg:npm/electron@39.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110322?format=json","purl":"pkg:npm/electron@40.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110323?format=json","purl":"pkg:npm/electron@41.0.0-beta.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h5f-hwjw-77dp"},{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.7"}],"aliases":["CVE-2026-34772","GHSA-9w97-2464-8783"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-df1y-n1s8-x3g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63632?format=json","vulnerability_id":"VCID-egxx-avtf-ekah","summary":"Electron: Electron: Unauthorized permission granting and information disclosure via incorrect iframe origin","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34777.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34777","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00385","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34777"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-r5p7-gp4j-qhrx","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:32:48Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-r5p7-gp4j-qhrx"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34777","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34777"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455022","reference_id":"2455022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455022"},{"reference_url":"https://github.com/advisories/GHSA-r5p7-gp4j-qhrx","reference_id":"GHSA-r5p7-gp4j-qhrx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r5p7-gp4j-qhrx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109949?format=json","purl":"pkg:npm/electron@40.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109869?format=json","purl":"pkg:npm/electron@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0"}],"aliases":["CVE-2026-34777","GHSA-r5p7-gp4j-qhrx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egxx-avtf-ekah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1090?format=json","vulnerability_id":"VCID-ghpk-c1e6-pkae","summary":"Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89878","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191"},{"reference_url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"},{"reference_url":"https://crbug.com/1486441","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://crbug.com/1486441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/12"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/16","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/pull/40022","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40022"},{"reference_url":"https://github.com/electron/electron/pull/40023","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40023"},{"reference_url":"https://github.com/electron/electron/pull/40024","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40024"},{"reference_url":"https://github.com/electron/electron/pull/40025","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40025"},{"reference_url":"https://github.com/electron/electron/pull/40026","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40026"},{"reference_url":"https://github.com/electron/electron/releases/tag/v22.3.25","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v22.3.25"},{"reference_url":"https://github.com/electron/electron/releases/tag/v24.8.5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v24.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v25.8.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v25.8.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v26.2.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v26.2.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8"},{"reference_url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"},{"reference_url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"},{"reference_url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1"},{"reference_url":"https://github.com/webmproject/libvpx/tags","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/tags"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"},{"reference_url":"https://pastebin.com/TdkC4pDv","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://pastebin.com/TdkC4pDv"},{"reference_url":"https://security.gentoo.org/glsa/202310-04","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202310-04"},{"reference_url":"https://security.gentoo.org/glsa/202401-34","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202401-34"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"},{"reference_url":"https://support.apple.com/kb/HT213961","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213961"},{"reference_url":"https://support.apple.com/kb/HT213972","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213972"},{"reference_url":"https://twitter.com/maddiestone/status/1707163313711497266","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://twitter.com/maddiestone/status/1707163313711497266"},{"reference_url":"https://www.debian.org/security/2023/dsa-5508","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5508"},{"reference_url":"https://www.debian.org/security/2023/dsa-5509","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5509"},{"reference_url":"https://www.debian.org/security/2023/dsa-5510","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5510"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/14","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/02/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/02/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/03/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/03/11"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182","reference_id":"1053182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/","reference_id":"AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-5217"},{"reference_url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g","reference_id":"GHSA-qqvq-6xgj-jw8g","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44","reference_id":"mfsa2023-44","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"critical","scoring_system":"generic_textual","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5426","reference_id":"RHSA-2023:5426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5427","reference_id":"RHSA-2023:5427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5428","reference_id":"RHSA-2023:5428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5429","reference_id":"RHSA-2023:5429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5430","reference_id":"RHSA-2023:5430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5432","reference_id":"RHSA-2023:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5433","reference_id":"RHSA-2023:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5434","reference_id":"RHSA-2023:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5435","reference_id":"RHSA-2023:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5436","reference_id":"RHSA-2023:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5437","reference_id":"RHSA-2023:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5438","reference_id":"RHSA-2023:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5439","reference_id":"RHSA-2023:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5440","reference_id":"RHSA-2023:5440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5475","reference_id":"RHSA-2023:5475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5477","reference_id":"RHSA-2023:5477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5534","reference_id":"RHSA-2023:5534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5535","reference_id":"RHSA-2023:5535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5536","reference_id":"RHSA-2023:5536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5537","reference_id":"RHSA-2023:5537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5538","reference_id":"RHSA-2023:5538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5539","reference_id":"RHSA-2023:5539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5540","reference_id":"RHSA-2023:5540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5540"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","reference_id":"TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"},{"reference_url":"https://usn.ubuntu.com/6403-1/","reference_id":"USN-6403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-1/"},{"reference_url":"https://usn.ubuntu.com/6403-2/","reference_id":"USN-6403-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-2/"},{"reference_url":"https://usn.ubuntu.com/6403-3/","reference_id":"USN-6403-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-3/"},{"reference_url":"https://usn.ubuntu.com/6404-1/","reference_id":"USN-6404-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6404-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"},{"reference_url":"https://usn.ubuntu.com/7172-1/","reference_id":"USN-7172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67133?format=json","purl":"pkg:npm/electron@22.3.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.25"},{"url":"http://public2.vulnerablecode.io/api/packages/66783?format=json","purl":"pkg:npm/electron@23.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-2tjw-wwpp-57ac"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-73qk-x8vr-sfdp"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-c798-jt2a-23a5"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@23.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/67134?format=json","purl":"pkg:npm/electron@24.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@24.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/66787?format=json","purl":"pkg:npm/electron@25.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-2tjw-wwpp-57ac"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-73qk-x8vr-sfdp"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/67135?format=json","purl":"pkg:npm/electron@25.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/66788?format=json","purl":"pkg:npm/electron@26.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-2tjw-wwpp-57ac"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/67136?format=json","purl":"pkg:npm/electron@26.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/67137?format=json","purl":"pkg:npm/electron@27.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-beta.8"}],"aliases":["CVE-2023-5217","GHSA-qqvq-6xgj-jw8g"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ghpk-c1e6-pkae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57556?format=json","vulnerability_id":"VCID-hzte-vg4j-cbgt","summary":"Electron vulnerable to Heap Buffer Overflow in NativeImage\nThe `nativeImage.createFromPath()` and `nativeImage.createFromBuffer()` functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46993","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1468","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46993"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46993","reference_id":"CVE-2024-46993","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46993"},{"reference_url":"https://github.com/advisories/GHSA-6r2x-8pq8-9489","reference_id":"GHSA-6r2x-8pq8-9489","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6r2x-8pq8-9489"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-6r2x-8pq8-9489","reference_id":"GHSA-6r2x-8pq8-9489","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-01T13:45:02Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-6r2x-8pq8-9489"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85605?format=json","purl":"pkg:npm/electron@28.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@28.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85606?format=json","purl":"pkg:npm/electron@29.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@29.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85607?format=json","purl":"pkg:npm/electron@30.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-9x1q-7ngy-jyhw"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@30.0.3"}],"aliases":["CVE-2024-46993","GHSA-6r2x-8pq8-9489"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hzte-vg4j-cbgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63642?format=json","vulnerability_id":"VCID-j8e6-q6j5-tyf8","summary":"electron: Electron: HTTP Response Header Injection via attacker-controlled input","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34767.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34767.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34767","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0159","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34767"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-4p4r-m79c-wq3v","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:07:46Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-4p4r-m79c-wq3v"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34767","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455000","reference_id":"2455000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455000"},{"reference_url":"https://github.com/advisories/GHSA-4p4r-m79c-wq3v","reference_id":"GHSA-4p4r-m79c-wq3v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4p4r-m79c-wq3v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/111293?format=json","purl":"pkg:npm/electron@39.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/111294?format=json","purl":"pkg:npm/electron@40.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/111295?format=json","purl":"pkg:npm/electron@41.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.3"}],"aliases":["CVE-2026-34767","GHSA-4p4r-m79c-wq3v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j8e6-q6j5-tyf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/972?format=json","vulnerability_id":"VCID-k669-cacz-9fcd","summary":"Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild. *Note: This advisory was previously also tracked as CVE-2023-5129.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4863.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4863.json"},{"reference_url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway"},{"reference_url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"0.93301","scoring_system":"epss","scoring_elements":"0.99817","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4863"},{"reference_url":"https://blog.isosceles.com/the-webp-0day","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.isosceles.com/the-webp-0day"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1215231","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1215231"},{"reference_url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"},{"reference_url":"https://crbug.com/1479274","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://crbug.com/1479274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863"},{"reference_url":"https://en.bandisoft.com/honeyview/history","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://en.bandisoft.com/honeyview/history"},{"reference_url":"https://en.bandisoft.com/honeyview/history/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://en.bandisoft.com/honeyview/history/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dlemstra/Magick.NET/releases/tag/13.3.0","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dlemstra/Magick.NET/releases/tag/13.3.0"},{"reference_url":"https://github.com/electron/electron/pull/39823","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39823"},{"reference_url":"https://github.com/electron/electron/pull/39825","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39825"},{"reference_url":"https://github.com/electron/electron/pull/39826","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39826"},{"reference_url":"https://github.com/electron/electron/pull/39827","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39827"},{"reference_url":"https://github.com/electron/electron/pull/39828","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39828"},{"reference_url":"https://github.com/ImageMagick/ImageMagick/discussions/6664","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ImageMagick/ImageMagick/discussions/6664"},{"reference_url":"https://github.com/jaredforth/webp/commit/9d4c56e63abecc777df71c702503c3eaabd7dcbc","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jaredforth/webp/commit/9d4c56e63abecc777df71c702503c3eaabd7dcbc"},{"reference_url":"https://github.com/jaredforth/webp/pull/30","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jaredforth/webp/pull/30"},{"reference_url":"https://github.com/python-pillow/Pillow/pull/7395","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/python-pillow/Pillow/pull/7395"},{"reference_url":"https://github.com/qnighy/libwebp-sys2-rs/commit/4560c473a76ec8bd8c650f19ddf9d7a44f719f8b","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/qnighy/libwebp-sys2-rs/commit/4560c473a76ec8bd8c650f19ddf9d7a44f719f8b"},{"reference_url":"https://github.com/qnighy/libwebp-sys2-rs/pull/21","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/qnighy/libwebp-sys2-rs/pull/21"},{"reference_url":"https://github.com/webmproject/libwebp","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/webmproject/libwebp"},{"reference_url":"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"},{"reference_url":"https://github.com/webmproject/libwebp/releases/tag/v1.3.2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://github.com/webmproject/libwebp/releases/tag/v1.3.2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"},{"reference_url":"https://news.ycombinator.com/item?id=37478403","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://news.ycombinator.com/item?id=37478403"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4863"},{"reference_url":"https://pillow.readthedocs.io/en/stable/releasenotes/10.0.1.html#security","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pillow.readthedocs.io/en/stable/releasenotes/10.0.1.html#security"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0060.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0060.html"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0061.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0061.html"},{"reference_url":"https://security.gentoo.org/glsa/202309-05","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security.gentoo.org/glsa/202309-05"},{"reference_url":"https://security.gentoo.org/glsa/202401-10","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security.gentoo.org/glsa/202401-10"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230929-0011","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230929-0011"},{"reference_url":"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"},{"reference_url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863"},{"reference_url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"},{"reference_url":"https://www.bentley.com/advisories/be-2023-0001","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bentley.com/advisories/be-2023-0001"},{"reference_url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks"},{"reference_url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5496","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5496"},{"reference_url":"https://www.debian.org/security/2023/dsa-5497","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5497"},{"reference_url":"https://www.debian.org/security/2023/dsa-5498","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5498"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"},{"reference_url":"https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/21/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/21/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/8","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/26/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/26/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/26/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/26/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787","reference_id":"1051787","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238431","reference_id":"2238431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238431"},{"reference_url":"https://www.bentley.com/advisories/be-2023-0001/","reference_id":"be-2023-0001","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.bentley.com/advisories/be-2023-0001/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863","reference_id":"CVE-2023-4863","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-4863","reference_id":"CVE-2023-4863","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-4863"},{"reference_url":"https://github.com/advisories/GHSA-j7hp-h8jx-5ppr","reference_id":"GHSA-j7hp-h8jx-5ppr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j7hp-h8jx-5ppr"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/","reference_id":"KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40","reference_id":"mfsa2023-40","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"critical","scoring_system":"generic_textual","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230929-0011/","reference_id":"ntap-20230929-0011","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230929-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5183","reference_id":"RHSA-2023:5183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5184","reference_id":"RHSA-2023:5184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5185","reference_id":"RHSA-2023:5185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5186","reference_id":"RHSA-2023:5186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5187","reference_id":"RHSA-2023:5187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5188","reference_id":"RHSA-2023:5188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5189","reference_id":"RHSA-2023:5189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5190","reference_id":"RHSA-2023:5190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5191","reference_id":"RHSA-2023:5191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5192","reference_id":"RHSA-2023:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5197","reference_id":"RHSA-2023:5197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5198","reference_id":"RHSA-2023:5198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5200","reference_id":"RHSA-2023:5200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5201","reference_id":"RHSA-2023:5201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5202","reference_id":"RHSA-2023:5202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5204","reference_id":"RHSA-2023:5204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5205","reference_id":"RHSA-2023:5205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5214","reference_id":"RHSA-2023:5214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5222","reference_id":"RHSA-2023:5222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5223","reference_id":"RHSA-2023:5223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5224","reference_id":"RHSA-2023:5224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5236","reference_id":"RHSA-2023:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5309","reference_id":"RHSA-2023:5309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5309"},{"reference_url":"https://usn.ubuntu.com/6367-1/","reference_id":"USN-6367-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6367-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"},{"reference_url":"https://usn.ubuntu.com/6369-1/","reference_id":"USN-6369-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6369-1/"},{"reference_url":"https://usn.ubuntu.com/6369-2/","reference_id":"USN-6369-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6369-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66909?format=json","purl":"pkg:npm/electron@22.3.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.24"},{"url":"http://public2.vulnerablecode.io/api/packages/66783?format=json","purl":"pkg:npm/electron@23.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-2tjw-wwpp-57ac"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-73qk-x8vr-sfdp"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-c798-jt2a-23a5"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@23.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66910?format=json","purl":"pkg:npm/electron@24.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@24.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/66787?format=json","purl":"pkg:npm/electron@25.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-2tjw-wwpp-57ac"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-73qk-x8vr-sfdp"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66911?format=json","purl":"pkg:npm/electron@25.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66788?format=json","purl":"pkg:npm/electron@26.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-2tjw-wwpp-57ac"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66912?format=json","purl":"pkg:npm/electron@26.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/67132?format=json","purl":"pkg:npm/electron@27.0.0-alpha.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-alpha.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66913?format=json","purl":"pkg:npm/electron@27.0.0-beta.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@27.0.0-beta.2"}],"aliases":["CVE-2023-4863","GHSA-j7hp-h8jx-5ppr"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k669-cacz-9fcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63630?format=json","vulnerability_id":"VCID-p1m4-3gu6-zffw","summary":"Electron: Electron: Integrity issue due to IPC channel spoofing by a service worker","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34778.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34778","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00462","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34778"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-xj5x-m3f3-5x3h","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:50:39Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-xj5x-m3f3-5x3h"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34778","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455024","reference_id":"2455024","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455024"},{"reference_url":"https://github.com/advisories/GHSA-xj5x-m3f3-5x3h","reference_id":"GHSA-xj5x-m3f3-5x3h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xj5x-m3f3-5x3h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109949?format=json","purl":"pkg:npm/electron@40.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/109869?format=json","purl":"pkg:npm/electron@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0"}],"aliases":["CVE-2026-34778","GHSA-xj5x-m3f3-5x3h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1m4-3gu6-zffw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63641?format=json","vulnerability_id":"VCID-pjqf-nps2-7yhc","summary":"electron: Electron: Arbitrary code execution via unquoted path in Run registry key","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34768.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34768.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34768","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00328","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34768"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-jfqx-fxh3-c62j","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:08:45Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-jfqx-fxh3-c62j"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34768","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34768"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454996","reference_id":"2454996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454996"},{"reference_url":"https://github.com/advisories/GHSA-jfqx-fxh3-c62j","reference_id":"GHSA-jfqx-fxh3-c62j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jfqx-fxh3-c62j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/110557?format=json","purl":"pkg:npm/electron@40.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110558?format=json","purl":"pkg:npm/electron@41.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8"}],"aliases":["CVE-2026-34768","GHSA-jfqx-fxh3-c62j"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjqf-nps2-7yhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63338?format=json","vulnerability_id":"VCID-qs5f-9ftk-fben","summary":"electron: Electron: Arbitrary code execution or information disclosure via incorrect window handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34765.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34765","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07595","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34765"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/releases/tag/v39.8.5","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v39.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v40.8.5","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v40.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v41.1.0","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v41.1.0"},{"reference_url":"https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v42.0.0-alpha.5"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-f3pv-wv63-48x8","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:10Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-f3pv-wv63-48x8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34765","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34765"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456278","reference_id":"2456278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456278"},{"reference_url":"https://github.com/advisories/GHSA-f3pv-wv63-48x8","reference_id":"GHSA-f3pv-wv63-48x8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-f3pv-wv63-48x8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/111155?format=json","purl":"pkg:npm/electron@39.8.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/111158?format=json","purl":"pkg:npm/electron@40.8.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/111161?format=json","purl":"pkg:npm/electron@41.1.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/111164?format=json","purl":"pkg:npm/electron@42.0.0-alpha.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@42.0.0-alpha.5"}],"aliases":["CVE-2026-34765","GHSA-f3pv-wv63-48x8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qs5f-9ftk-fben"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89656?format=json","vulnerability_id":"VCID-t1uc-59dn-j3gd","summary":"Electron: Use-after-free in PowerMonitor on Windows and macOS\n### Impact\nApps that use the `powerMonitor` module may be vulnerable to a use-after-free. After the native `PowerMonitor` object is garbage-collected, the associated OS-level resources (a message window on Windows, a shutdown handler on macOS) retain dangling references. A subsequent session-change event (Windows) or system shutdown (macOS) dereferences freed memory, which may lead to a crash or memory corruption.\n\nAll apps that access `powerMonitor` events (`suspend`, `resume`, `lock-screen`, etc.) are potentially affected. The issue is not directly renderer-controllable.\n\n### Workarounds\nThere are no app side workarounds, you must update to a patched version of Electron.\n\n### Fixed Versions\n* `41.0.0-beta.8`\n* `40.8.0`\n* `39.8.1`\n* `38.8.6`\n\n### For more information\nIf there are any questions or comments about this advisory, please email [security@electronjs.org](mailto:security@electronjs.org)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34770","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02901","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34770"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-jjp3-mq3x-295m","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T19:09:58Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-jjp3-mq3x-295m"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34770","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34770"},{"reference_url":"https://github.com/advisories/GHSA-jjp3-mq3x-295m","reference_id":"GHSA-jjp3-mq3x-295m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jjp3-mq3x-295m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/110557?format=json","purl":"pkg:npm/electron@40.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110558?format=json","purl":"pkg:npm/electron@41.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8"}],"aliases":["CVE-2026-34770","GHSA-jjp3-mq3x-295m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1uc-59dn-j3gd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89381?format=json","vulnerability_id":"VCID-wfx6-9nh3-quar","summary":"Electron: AppleScript injection in app.moveToApplicationsFolder on macOS\n### Impact\nOn macOS, `app.moveToApplicationsFolder()` used an AppleScript fallback path that did not properly handle certain characters in the application bundle path. Under specific conditions, a crafted launch path could lead to arbitrary AppleScript execution when the user accepted the move-to-Applications prompt.\n\nApps are only affected if they call `app.moveToApplicationsFolder()`. Apps that do not use this API are not affected.\n\n### Workarounds\nThere are no app side workarounds, developers must update to a patched version of Electron.\n\n### Fixed Versions\n* `41.0.0-beta.8`\n* `40.8.0`\n* `39.8.1`\n* `38.8.6`\n\n### For more information\nIf there are any questions or comments about this advisory, please email [security@electronjs.org](mailto:security@electronjs.org)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34779","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01182","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34779"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-5rqw-r77c-jp79","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:49:50Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-5rqw-r77c-jp79"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34779","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34779"},{"reference_url":"https://github.com/advisories/GHSA-5rqw-r77c-jp79","reference_id":"GHSA-5rqw-r77c-jp79","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5rqw-r77c-jp79"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109947?format=json","purl":"pkg:npm/electron@39.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/110557?format=json","purl":"pkg:npm/electron@40.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110558?format=json","purl":"pkg:npm/electron@41.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8"}],"aliases":["CVE-2026-34779","GHSA-5rqw-r77c-jp79"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wfx6-9nh3-quar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63634?format=json","vulnerability_id":"VCID-x7he-eg8d-g7hj","summary":"Electron: Electron: Arbitrary code execution and information disclosure due to incorrect Node.js integration scoping","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34775.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34775","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02125","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34775"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-xwr5-m59h-vwqr","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T15:52:56Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-xwr5-m59h-vwqr"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34775","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34775"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455023","reference_id":"2455023","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455023"},{"reference_url":"https://github.com/advisories/GHSA-xwr5-m59h-vwqr","reference_id":"GHSA-xwr5-m59h-vwqr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xwr5-m59h-vwqr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/109867?format=json","purl":"pkg:npm/electron@39.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/109868?format=json","purl":"pkg:npm/electron@40.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/109869?format=json","purl":"pkg:npm/electron@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0"}],"aliases":["CVE-2026-34775","GHSA-xwr5-m59h-vwqr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7he-eg8d-g7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63639?format=json","vulnerability_id":"VCID-zzcf-uus6-rqa8","summary":"electron: Electron: Memory corruption or application crash via use-after-free in permission request handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34771.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34771","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0459","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34771"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-8337-3p73-46f4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T16:04:11Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-8337-3p73-46f4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34771","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454995","reference_id":"2454995","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454995"},{"reference_url":"https://github.com/advisories/GHSA-8337-3p73-46f4","reference_id":"GHSA-8337-3p73-46f4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8337-3p73-46f4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/109866?format=json","purl":"pkg:npm/electron@38.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-qs5f-9ftk-fben"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@38.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/110321?format=json","purl":"pkg:npm/electron@39.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@39.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110322?format=json","purl":"pkg:npm/electron@40.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@40.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/110558?format=json","purl":"pkg:npm/electron@41.0.0-beta.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-jy1k-8gy7-pkb7"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-x7he-eg8d-g7hj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@41.0.0-beta.8"}],"aliases":["CVE-2026-34771","GHSA-8337-3p73-46f4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzcf-uus6-rqa8"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45956?format=json","vulnerability_id":"VCID-2tjw-wwpp-57ac","summary":"Improper Control of Generation of Code ('Code Injection')\nElectron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps that are launched as command line executables are impacted. Specifically this issue can only be exploited if the following conditions are met: 1. The app is launched with an attacker-controlled working directory and 2. The attacker has the ability to write files to that working directory. This makes the risk quite low, in fact normally issues of this kind are considered outside of our threat model as similar to Chromium we exclude Physically Local Attacks but given the ability for this issue to bypass certain protections like ASAR Integrity it is being treated with higher importance. This issue has been fixed in versions:`26.0.0-beta.13`, `25.4.1`, `24.7.1`, `23.3.13`, and `22.3.19`. There are no app side workarounds, users must update to a patched version of Electron.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39956","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0796","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39956"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39956","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39956"},{"reference_url":"https://github.com/advisories/GHSA-7x97-j373-85x5","reference_id":"GHSA-7x97-j373-85x5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7x97-j373-85x5"},{"reference_url":"https://github.com/electron/electron/security/advisories/GHSA-7x97-j373-85x5","reference_id":"GHSA-7x97-j373-85x5","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:20Z/"}],"url":"https://github.com/electron/electron/security/advisories/GHSA-7x97-j373-85x5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66789?format=json","purl":"pkg:npm/electron@22.3.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.19"},{"url":"http://public2.vulnerablecode.io/api/packages/672780?format=json","purl":"pkg:npm/electron@22.3.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-k669-cacz-9fcd"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.21"},{"url":"http://public2.vulnerablecode.io/api/packages/66790?format=json","purl":"pkg:npm/electron@23.3.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@23.3.13"},{"url":"http://public2.vulnerablecode.io/api/packages/66791?format=json","purl":"pkg:npm/electron@24.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-k669-cacz-9fcd"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@24.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/66792?format=json","purl":"pkg:npm/electron@25.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-k669-cacz-9fcd"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@25.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/66793?format=json","purl":"pkg:npm/electron@26.0.0-beta.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.0.0-beta.13"},{"url":"http://public2.vulnerablecode.io/api/packages/66907?format=json","purl":"pkg:npm/electron@26.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2kk5-3p41-kycs"},{"vulnerability":"VCID-3wxh-7cvs-g3et"},{"vulnerability":"VCID-4u89-87dg-zqdt"},{"vulnerability":"VCID-5cmc-cnnq-xyhw"},{"vulnerability":"VCID-5w4g-q3st-m7hf"},{"vulnerability":"VCID-6vad-u5vg-dba5"},{"vulnerability":"VCID-7c28-bmu2-qbcs"},{"vulnerability":"VCID-de1j-4qwd-duab"},{"vulnerability":"VCID-df1y-n1s8-x3g4"},{"vulnerability":"VCID-egxx-avtf-ekah"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hzte-vg4j-cbgt"},{"vulnerability":"VCID-j8e6-q6j5-tyf8"},{"vulnerability":"VCID-k669-cacz-9fcd"},{"vulnerability":"VCID-p1m4-3gu6-zffw"},{"vulnerability":"VCID-pjqf-nps2-7yhc"},{"vulnerability":"VCID-qs5f-9ftk-fben"},{"vulnerability":"VCID-t1uc-59dn-j3gd"},{"vulnerability":"VCID-wfx6-9nh3-quar"},{"vulnerability":"VCID-x7he-eg8d-g7hj"},{"vulnerability":"VCID-zzcf-uus6-rqa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@26.0.0"}],"aliases":["CVE-2023-39956","GHSA-7x97-j373-85x5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2tjw-wwpp-57ac"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/electron@22.3.21"}