NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-54257

Summary	Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow. Most apps will crash and some may perform incorrect buffer allocations in the Node.js Buffer API resulting in unexpected truncation or allocation. This vulnerability is fixed in 42.3.3.
Publication Date	June 24, 2026, 3:18 a.m.
Registration Date	June 27, 2026, 4:15 a.m.
Last Update	June 26, 2026, 5:18 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/electron/electron/security/advisories/GHSA-q6m5-f73j-m9mc	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-120	古典的バッファオーバーフロー	https://cwe.mitre.org/data/definitions/120.html