Electron: 20.3.12 → 39.8.1
OpenJS Foundation · upgrade impact · Official site ↗
Fixed by upgrading to 39.8.1 iVulnerabilities that affect 20.3.12 but no longer affect 39.8.1 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2023-39956 MEDIUM EPSS 1% ✓ cleared in 39.8.1 CVE-2023-29198 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34774 HIGH EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34771 HIGH EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34770 HIGH EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34773 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34769 HIGH EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34776 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34772 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2023-44402 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34766 LOW EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34779 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34768 LOW EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34778 MEDIUM EPSS 0% ✓ cleared in 39.8.1 CVE-2026-34777 MEDIUM EPSS 0% ✓ cleared in 39.8.1Still open in 39.8.1 iKnown vulnerabilities that affect 39.8.1 too — upgrading to it does not clear these.
These affect 39.8.1 as well — a later release may be needed.
CVE-2026-34765 MEDIUM EPSS 0% → fixed in 41.1.0 CVE-2026-34775 MEDIUM EPSS 0% → fixed in 40.8.4 CVE-2026-34767 MEDIUM EPSS 0% → fixed in 41.0.3 CVE-2026-34781 LOW EPSS 0% → fixed in 41.1.0 CVE-2026-34764 LOW EPSS 0% → fixed in 41.1.0