I don’t see any recent posts discussing Electron, webp, or CVE-2023-4863. I’m concerned this means that Obsidian isn’t preparing an update for immediate release for this significant webp vulnerability.
You can read more about it here: Critical WebP bug: many apps, not just browsers, under threat
You can find the electron update here: chore: bump chromium to 116.0.5845.188 (26-x-y) by electron-roller[bot] · Pull Request #39828 · electron/electron · GitHub
(release here: Release electron v26.2.1 · electron/electron · GitHub )
This issue has reports of active exploits in the wild. Please patch as soon as possible!