Package impact
npm / electerm
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43940 | high | 8.4 | 8.4 | 28d ago | Electerm runWidget has a path traversal that leads to arbitrary code execution | |||
| CVE-2026-45353 | high | 7.8 | 7.8 | 21d ago | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6 to 3.8.8, This vulnerability is fixed in 3.9.0. | |||
| CVE-2026-43943 | high | 7.8 | 7.8 | 28d ago | Electerm Security Vulnerability: RCE via malicious SSH server filename in openFileWithEditor | |||
| CVE-2026-43942 | medium | 5.5 | 5.5 | 28d ago | Electerm's full process.env exposed to renderer via window.pre.env |