CVE-2025-55305 | Electron up to 35.7.4/36.8.0/37.3.0 embeddedAsarIntegrityValidation code injection (GHSA-vmqv-hx8q-j7mg)

A vulnerability identified as critical has been detected in Electron up to 35.7.4/36.8.0/37.3.0. This affects an unknown part of the component embeddedAsarIntegrityValidation/onlyLoadAppFromAsar. The manipulation leads to code injection.

This vulnerability is traded as CVE-2025-55305. An attack has to be approached locally. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More