Electrum · Electrum · CVE-2018-6353
**Name of the Vulnerable Software and Affected Versions**
Electrum versions 2.9.4 and earlier
Electrum versions 3.0.5 and earlier
**Description**
The issue allows attackers to steal Bitcoin by executing arbitrary Python code in Electrum's Python console, either through social-engineering attacks in which a user pastes code they do not understand, or through code pasted by a physically proximate attacker at an unattended workstation. The pasted code does not need to act immediately: it can run at a later time, once the wallet password has been entered, allowing for unauthorized access.
**Recommendations**
For Electrum versions 2.9.4 and earlier, update to a version later than 2.9.4 to resolve the issue.
For Electrum versions 3.0.5 and earlier, update to a version later than 3.0.5 to resolve the issue.
As a temporary workaround, consider disabling the Python console feature until a patch is available.
Restrict access to the workstation when the wallet is open to minimize the risk of exploitation.