1. Critical Electron Security Flaw: Renderer Process Bypasses Sandbox via Direct Node.js Access
A critical security vulnerability has been identified in the application's Electron renderer process, allowing full Node.js API access without proper context isolation. The renderer process (src/renderer/renderer.js) directly requires Electron modules via `require('electron')` on line 1, bypassing Electron's security a...