1. Electron ASAR Integrity Bypass: Local Attackers Can Tamper with App Resources (CVE-2025-55305)
A moderate-severity vulnerability in the Electron framework allows attackers with local write access to bypass critical integrity checks and tamper with application code. The flaw, tracked as CVE-2025-55305 and GHSA-vmqv-hx8q-j7mg, resides in the ASAR archive validation system. An attacker who can write to an applicati...