PT-2026-30919 · Electron · Electron
Frostb1Ten
·
Published
2026-04-07
·
Updated
2026-04-08
·
CVE-2026-34781
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Electron versions prior to 39.8.5, prior to 40.8.5, prior to 41.1.0, and prior to 42.0.0-alpha.5
Description
Applications utilizing the
clipboard.readImage() function may experience a denial of service. If the system clipboard contains image data that cannot be decoded, the resulting null bitmap can cause a process crash. Only applications that call clipboard.readImage() are affected. This issue does not allow memory corruption or code execution. A workaround is to validate the clipboard contains image data via clipboard.availableFormats() before calling clipboard.readImage().Recommendations
Update to Electron version 39.8.5 or later.
Update to Electron version 40.8.5 or later.
Update to Electron version 41.1.0 or later.
Update to Electron version 42.0.0-alpha.5 or later.
Fix
DoS
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Electron