CVE-2026-34770

Name of the Vulnerable Software and Affected Versions Electron versions prior to 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8

Description Electron applications utilizing the powerMonitor module may experience a use-after-free condition. Following the garbage collection of the native PowerMonitor object, OS-level resources retain references to freed memory. Subsequent system events, such as session changes on Windows or system shutdown on macOS, can then dereference this freed memory, potentially leading to crashes or memory corruption. Applications accessing powerMonitor events (suspend, resume, lock-screen, etc.) are potentially affected.

Recommendations Update to Electron version 38.8.6 or later Update to Electron version 39.8.1 or later Update to Electron version 40.8.0 or later Update to Electron version 41.0.0-beta.8 or later