Chromium Embedded Framework Zero Day Exploit (CVE-2026-2441) #5214
Replies: 3 comments
-
|
Upgrading to 145 is currently blocked as CEF made breaking changes and currently 145 builds are failing. No ETA as yet on when a new 145 build will be available. The VC++ compiler won't build some of the newer C++ features CEF now uses. If CEF releases a build for 144.0.7559.177 then a new 144 build can be released including the fix. You'd have to contact the CEF maintainer and get them to upgrade the old branch. https://magpcss.org/ceforum/index.php You may need to consider migrating to WebView2 if you need a fix asap. |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
|
https://github.com/cefsharp/CefSharp/releases/tag/v145.0.260 was released a few days ago (make sure to sign up for release only notifications here on github) |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
What is the status of this? Is version 144.0.12 released on 1/30/26 cover the patch? I suspect the exploit was discovered after this latest version was released. Google Chrome and Microsoft Edge latest versions are 145.0.7632.76 and 145.0.3800.58 respectively. If Google and Microsoft versions match the Chromium Embedded Framework version, I suspect another version with the exploit fix is due.
Beta Was this translation helpful? Give feedback.
All reactions