569 matches found
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design th...
PT-2026-20553
Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.9.2 Description Notepad++ is a free and open-source source code editor. An Unsafe Search Path issue CWE-426 exists when launching Windows Explorer without an absolute executable path. This could allow execution of...
PT-2026-8028
Name of the Vulnerable Software and Affected Versions Windows Notepad versions prior to 11.x patch Description A remote code execution issue exists in the modern Windows 11 Notepad application distributed through the Microsoft Store. A malicious Markdown .md file can trigger command injection,...
Exploit for CVE-2026-20841
CVE-2026-20841 - Windows Notepad RCE PoC for a remote code ex...
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight. Another shift is how...
Exploit for CVE-2026-20841
CVE-2026-20841 - Windows Notepad RCE PoC for a remote code ex...
Exploit for CVE-2026-20841
Purpose The purpose of this work is to investigate the RCE vul...
Exploit for CVE-2026-20841
CVE-2026-20841 This content corresponds to a part of what is...
Notepad++ Download of Code Without Integrity Check Vulnerability
Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirect update traffic to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges...
CVE-2026-20841
Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...
Exploit for CVE-2026-20841
CVE-2026-20841 PoC PoC of the "Windows Notepad RCE" vulnerabi...
Exploit for CVE-2026-20841
The accuracy of this PoC trigger method has not been verified,...
Microsoft Windows Notepad < 11.2510 Command Injection (February 2026)
The Windows 'Microsoft Windows Notepad' app installed on the remote host is prior to version 11.2510. It is, therefore, affected by a command injection vulnerability: - Improper neutralization of special elements used in a command allows an unauthorized attacker to execute code over a network...
CVE-2026-20841
Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...
CVE-2026-20841
Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...
CVE-2026-20841 Windows Notepad App Remote Code Execution Vulnerability
...
CVE-2026-20841
Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...
CVE-2026-20841 Windows Notepad App Remote Code Execution Vulnerability
...
CVE-2026-20841
CVE-2026-20841 : The description identifies an issue in the Windows Notepad App where the attacker can trigger a remote command-injection due to improper neutralization of special elements in a command. Affected: Windows Notepad App. Root cause: improper neutralization of special elements used in...
Windows Notepad App Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...