HIGH
Electronjs
CVE published 2026-04-04
CVE-2026-34769
An undocumented webPreference named commandLineSwitches in Electron allowed arbitrary Chromium switches to be appended to the renderer process command line. Applications that construct webPreferences by spreading untrusted configuration objects—without an allowlist—could inadvertently let an attacker inject switches that disable renderer sandboxing or web security controls. This is a configuration-injecti [truncated]