Notepad
Monthly
Format string injection in Notepad++ 8.9.3 Find Results panel handler allows local attackers to cause denial of service and disclose stack memory by distributing malicious nativeLang.xml language pack files that trigger unsafe format string interpretation during search operations. User interaction is required to load the poisoned language pack and perform a search. No active exploitation confirmed, but patch is available from vendor.
String injection in Notepad++ 8.9.3 leads to memory address disclosure or application crash when processing maliciously crafted input. Attackers can leverage this remotely without authentication (CVSS 4.0 score 10.0, AV:N/PR:N), though desktop application context suggests user interaction required despite UI:N in vector. Publicly available exploit code exists per GitHub repository llgsjsm/cve-2026-3008. Fixed in version 8.9.4 release candidate per community forum discussion. EPSS data not available for 2026 CVE.
Stack-based buffer overflow in Notepad++ 8.9.3 file drop handler allows local authenticated users to cause application crash and potentially execute code by dragging and dropping a directory path of exactly 259 characters without a trailing backslash, triggering unbounded buffer write via automatic backslash and null terminator appending. CVSS 6.0 (High) reflects local attack vector and high complexity; no public exploit code or active KEV status identified, but upstream fix is confirmed available.
Notepad++ versions prior to 8.8.9 contain an update integrity verification vulnerability (CVE-2025-15556) when using the WinGUp updater. The update mechanism fails to cryptographically verify downloaded metadata and installers, allowing man-in-the-middle attackers to serve malicious executables during the update process. KEV-listed, this supply chain risk affects one of the most widely used text editors on Windows.
An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as problematic was found in NotePad++ up to 8.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Notepad++ is a free and open-source source code editor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ is a free and open-source source code editor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ is a free and open-source source code editor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ is a free and open-source source code editor. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.3%.
Format string injection in Notepad++ 8.9.3 Find Results panel handler allows local attackers to cause denial of service and disclose stack memory by distributing malicious nativeLang.xml language pack files that trigger unsafe format string interpretation during search operations. User interaction is required to load the poisoned language pack and perform a search. No active exploitation confirmed, but patch is available from vendor.
String injection in Notepad++ 8.9.3 leads to memory address disclosure or application crash when processing maliciously crafted input. Attackers can leverage this remotely without authentication (CVSS 4.0 score 10.0, AV:N/PR:N), though desktop application context suggests user interaction required despite UI:N in vector. Publicly available exploit code exists per GitHub repository llgsjsm/cve-2026-3008. Fixed in version 8.9.4 release candidate per community forum discussion. EPSS data not available for 2026 CVE.
Stack-based buffer overflow in Notepad++ 8.9.3 file drop handler allows local authenticated users to cause application crash and potentially execute code by dragging and dropping a directory path of exactly 259 characters without a trailing backslash, triggering unbounded buffer write via automatic backslash and null terminator appending. CVSS 6.0 (High) reflects local attack vector and high complexity; no public exploit code or active KEV status identified, but upstream fix is confirmed available.
Notepad++ versions prior to 8.8.9 contain an update integrity verification vulnerability (CVE-2025-15556) when using the WinGUp updater. The update mechanism fails to cryptographically verify downloaded metadata and installers, allowing man-in-the-middle attackers to serve malicious executables during the update process. KEV-listed, this supply chain risk affects one of the most widely used text editors on Windows.
An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as problematic was found in NotePad++ up to 8.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Notepad++ is a free and open-source source code editor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ is a free and open-source source code editor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ is a free and open-source source code editor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ is a free and open-source source code editor. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.3%.