8.1
Electron: Using child windows with offscreen rendering can crash apps
GHSA-532v-xpq5-8h95
CVE-2026-34774
Summary
If your Electron app uses offscreen rendering and allows child windows, destroying the parent window while a child window is still open can crash the app or corrupt memory. As a workaround, close child windows before the parent is destroyed, or deny child windows in the first place. The fixed versions are Electron 41.0.0, 40.7.0, and 39.8.1.
What to do
- Update electron to version 39.8.1.
- Update electron to version 40.7.0.
- Update electron to version 41.0.0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | electron | <= 39.8.1 | 39.8.1 |
| – | electron | > 40.0.0-alpha.1 , <= 40.7.0 | 40.7.0 |
| – | electron | > 41.0.0-alpha.1 , <= 41.0.0 | 41.0.0 |
Original title
Electron: Use-after-free in offscreen child window paint callback
Original description
### Impact
Apps that use offscreen rendering and allow child windows via `window.open()` may be vulnerable to a use-after-free. If the parent offscreen `WebContents` is destroyed while a child window remains open, subsequent paint frames on the child dereference freed memory, which may lead to a crash or memory corruption.
Apps are only affected if they use offscreen rendering (`webPreferences.offscreen: true`) and their `setWindowOpenHandler` permits child windows. Apps that do not use offscreen rendering, or that deny child windows, are not affected.
### Workarounds
Deny child window creation from offscreen renderers in your `setWindowOpenHandler`, or ensure child windows are closed before the parent is destroyed.
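Both workarounds as main-process helpers. This is an added example, not code from the advisory or the Electron project; the function names `installOpenHandler` and `closeChildrenBeforeParent` and the `appHandler` parameter are hypothetical.

```javascript
// Added example: helper names are hypothetical. The Electron calls used
// (setWindowOpenHandler, isOffscreen, 'did-create-window', 'close',
// 'closed', isDestroyed, destroy) are existing Electron API.

// Workaround 1: deny window.open() from offscreen renderers and defer to
// the app's existing policy (appHandler) for every other WebContents.
function installOpenHandler(webContents, appHandler) {
  webContents.setWindowOpenHandler((details) =>
    webContents.isOffscreen() ? { action: 'deny' } : appHandler(details));
}

// Workaround 2: when an offscreen parent must allow children, track them
// and tear them down before the parent's WebContents is destroyed.
function closeChildrenBeforeParent(parentWindow) {
  const children = new Set();

  parentWindow.webContents.on('did-create-window', (child) => {
    children.add(child);
    // A child closed on its own no longer needs tracking.
    child.once('closed', () => children.delete(child));
  });

  const closeAll = () => {
    for (const child of [...children]) { // copy: 'closed' mutates the set
      if (!child.isDestroyed()) child.destroy();
    }
    children.clear();
  };

  // 'close' fires before the parent is torn down on a normal close.
  // It is not emitted by parentWindow.destroy(), so call closeAll() first
  // on any code path that destroys the parent directly.
  parentWindow.on('close', closeAll);
  return { children, closeAll };
}
```

Call `installOpenHandler(win.webContents, handler)` right after creating each window, and keep the object returned by `closeChildrenBeforeParent(win)` so `closeAll()` can be invoked before any explicit `win.destroy()`.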
### Fixed Versions
* `41.0.0`
* `40.7.0`
* `39.8.1`
### For more information
If there are any questions or comments about this advisory, please email [[email protected]](mailto:[email protected])
ghsa CVSS3.1
8.1
Vulnerability type
CWE-416
Use After Free
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026