Lucene search
K

622 matches found

Tenable Nessus
Tenable Nessus
β€’added 2026/07/03 12:0 a.m.β€’8 views

Notepad++ 8.9.6.2 < 8.9.6.4 TOCTOU Race Condition (CVE-2026-52885)

The version of Notepad++ installed on the remote host is 8.9.6.2 or 8.9.6.3. It is, therefore, affected by a TOCTOU race condition vulnerability: - A time-of-check time-of-use TOCTOU race condition exists in the HMAC verification of shortcuts.xml. The HMAC check validates the on-disk file at...

7.5CVSS6.2AI score0.00129EPSS
Exploits2References2
OSV
OSV
β€’added 2026/07/02 12:0 a.m.β€’3 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

7.8CVSS6.6AI score0.00149EPSS
Exploits1References5
CVE
CVE
β€’added 2026/07/02 12:0 a.m.β€’16 views

CVE-2026-38972

Notepad3 versions up to 6.25.822.1 are vulnerable to a DLL search-order hijack in the About-dialog code path (src/Notepad3.c). The application loads MSFTEDIT.DLL via LoadLibrary with a bare DLL name, enabling a local attacker to place a malicious MSFTEDIT.DLL in the application directory or anoth...

7.8CVSS6.4AI score0.00149EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
β€’added 2026/07/02 12:0 a.m.β€’14 views

PT-2026-55312

Name of the Vulnerable Software and Affected Versions Notepad3 versions prior to 6.25.822.2 Description A DLL search-order hijacking issue exists in the About-dialog code path within src/Notepad3.c. The application uses the LoadLibrary function to load MSFTEDIT.DLL using a bare name. This allows ...

7.8CVSS6.5AI score0.00149EPSS
Exploits1References6
Cvelist
Cvelist
β€’added 2026/07/02 12:0 a.m.β€’36 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

0.00149EPSS
Exploits1References3
NVD
NVD
β€’added 2026/06/26 9:16 p.m.β€’8 views

CVE-2026-52884

Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...

7.8CVSS0.00155EPSS
Exploits1References2
NVD
NVD
β€’added 2026/06/26 9:16 p.m.β€’8 views

CVE-2026-48800

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::valueaNode Parameters.cpp:3658 in the feedUserCmds function and stored in UserCommand.cmd without any validation. When the user clicks the corresponding entry ...

7.8CVSS0.0036EPSS
Exploits3References2
NVD
NVD
β€’added 2026/06/26 9:16 p.m.β€’13 views

CVE-2026-48778

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File β†’ Open...

7.8CVSS0.01314EPSS
Exploits5References2
NVD
NVD
β€’added 2026/06/26 9:16 p.m.β€’9 views

CVE-2026-52885

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires Time-of-Check. However, the command payload is taken from the in-memory userCommands vector, which is populated at application...

7.5CVSS0.00129EPSS
Exploits2References2
NVD
NVD
β€’added 2026/06/26 9:16 p.m.β€’10 views

CVE-2026-48770

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...

5CVSS0.00258EPSS
Exploits2References2
NVD
NVD
β€’added 2026/06/26 9:16 p.m.β€’21 views

CVE-2026-46710

Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the...

7.8CVSS0.00108EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2026/06/26 8:22 p.m.β€’29 views

CVE-2026-48770 Notepad++ WM_COPYDATA COPYDATA_FULL_CMDLINE local DoS crash

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...

5CVSS0.00258EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
β€’added 2026/06/26 8:22 p.m.β€’7 views

CVE-2026-48770

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...

5CVSS5.8AI score0.00258EPSS
Exploits2References3Affected Software1
OSV
OSV
β€’added 2026/06/26 8:22 p.m.β€’3 views

CVE-2026-48770 Notepad++ WM_COPYDATA COPYDATA_FULL_CMDLINE local DoS crash

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...

5CVSS6.1AI score0.00258EPSS
Exploits2References4
CVE
CVE
β€’added 2026/06/26 8:22 p.m.β€’95 views

CVE-2026-48770

Notepad++ prior to version 8.9.6.1 is affected by multiple issues arising from insecure handling of inter-process communication data. Specifically, a local attacker can trigger a denial of service (CVE-2026-48770) by sending a malformed WM_COPYDATA message where COPYDATA_FULL_CMDLINE is processed...

5CVSS5.8AI score0.00258EPSS
Exploits2References2Affected Software1
ATTACKERKB
ATTACKERKB
β€’added 2026/06/26 8:21 p.m.β€’8 views

CVE-2026-48778

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File β†’ Open...

7.8CVSS5.8AI score0.01314EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
β€’added 2026/06/26 8:21 p.m.β€’41 views

CVE-2026-48778 Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File β†’ Open...

7.8CVSS0.01314EPSS
Exploits5References2
OSV
OSV
β€’added 2026/06/26 8:21 p.m.β€’1 views

CVE-2026-48778 Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File β†’ Open...

7.8CVSS7.1AI score0.01314EPSS
Exploits5References4
CVE
CVE
β€’added 2026/06/26 8:21 p.m.β€’146 views

CVE-2026-48778

Notepad++ prior to 8.9.6.1 is affected by an RCE in config.xml: the value is read without validation and passed to ShellExecute when triggering File β†’ Open Containing Folder β†’ cmd, enabling attacker-controlled executable paths. The issue stems from NppXml::value() storing the value in _nppGUI._c...

7.8CVSS5.8AI score0.01314EPSS
Exploits5References2Affected Software1
OSV
OSV
β€’added 2026/06/26 8:19 p.m.β€’3 views

CVE-2026-52885 Notepad++ TOCTOU: HMAC Checks Disk, Executes from Memory

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires Time-of-Check. However, the command payload is taken from the in-memory userCommands vector, which is populated at application...

7.5CVSS6.2AI score0.00129EPSS
Exploits2References4
Rows per page
Query Builder