GHSA-q6m5-f73j-m9mcCritical

Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow

Published
June 15, 2026
Last Modified
June 15, 2026

🔗 CVE IDs covered (1)

📋 Description

Impact

Most apps will crash and some may perform incorrect buffer allocations in the Node.js Buffer API resulting in unexpected truncation or allocation.

Workarounds

No workarounds. Do not use these impacted Electron releases

Fixed Versions

  • 42.3.3

For more information

If you have any questions or comments about this advisory, email us at [email protected]

🎯 Affected products1

  • npm/electron:>= 42.3.1, < 42.3.3

🔗 References (2)