Black Lives Matter. Support the Equal Justice Initiative and read our statement here.

SQLite Vulnerability Fix

A remote code execution vulnerability, "Magellan," has been discovered affecting software based on SQLite or Chromium, including all versions of Electron.


Electron applications using Web SQL are impacted.


Affected apps should stop using Web SQL or upgrade to a patched version of Electron.

We've published new versions of Electron which include fixes for this vulnerability:

There are no reports of this in the wild; however, affected applications are urged to mitigate.

Further Information

This vulnerability was discovered by the Tencent Blade team, who have published a blog post that discusses the vulnerability.

To learn more about best practices for keeping your Electron apps secure, see our security tutorial.

If you wish to report a vulnerability in Electron, email

Have feedback on this post? Let @electronjs know on Twitter.

Need help or found a bug? Contact us.

Keyboard Shortcuts

Key Action
/ Focus the search bar
Esc Focus the search bar and cleans it
Select the next search result
Select the previous search result
Enter Open the selected search result
cmdEnter Ctrl+Enter Open the selected search result in a new tab