CVE-2026-34772
Use-After-Free in Electron Sessions Causes Memory Corruption
Publication date: 2026-04-04
Last updated on: 2026-04-22
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | 41.0.0 |
| electronjs | electron | From 39.0.0 (inc) to 39.8.0 (exc) |
| electronjs | electron | From 40.0.0 (inc) to 40.7.0 (exc) |
| electronjs | electron | to 38.8.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-34772 is a use-after-free vulnerability in the Electron framework that occurs when an application allows downloads and programmatically destroys sessions while a native save-file dialog is open.
If the session is torn down during the time the save-file dialog is open, dismissing the dialog causes the application to dereference freed memory. This can lead to a crash or memory corruption.
Applications that do not destroy sessions at runtime or do not permit downloads are not affected by this vulnerability.
How can this vulnerability impact me? :
This vulnerability can cause an application to crash or experience memory corruption when a session is destroyed while a native save-file dialog is open during a download.
Such crashes or memory corruption could lead to application instability or unexpected behavior, potentially affecting the availability and integrity of the application.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a use-after-free issue occurring in Electron applications that allow downloads and programmatically destroy sessions while a native save-file dialog is open. Detection involves identifying if your Electron application is running a vulnerable version prior to 38.8.6, 39.8.0, 40.7.0, or 41.0.0-beta.8.
Since the vulnerability manifests when a session is torn down during an active save-file dialog, monitoring application crashes or memory corruption events related to download dialogs can help detect exploitation attempts.
No specific commands are provided in the available resources to detect this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Electron framework to one of the patched versions: 38.8.6, 39.8.0, 40.7.0, or 41.0.0-beta.8.
If updating immediately is not possible, apply workarounds such as avoiding destroying sessions while a native save-file dialog may be open and canceling any pending downloads before tearing down a session.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this use-after-free vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.