Exploit for CVE-2026-52885

TOCTOU: HMAC Checks Disk, Executes from Memory Notepad++ v8...

Windows Notepad Markdown Link Exposure Test

This Metasploit auxiliary module is a non-exploit, safety-focused research tool designed to generate a Markdown file for analyzing how Windows Notepad handles external links. It creates a controlled test document containing a user-defined URL and stores it locally for inspection...

Windows Notepad WebDAV UNC Reference Markdown File Generator

This Metasploit auxiliary module is a file-format generation tool intended for security testing of a CVE-2026-20841 related to Windows Notepad Markdown handling. It produces a Markdown file containing a UNC WebDAV-style path embedded as a clickable link for behavioral analysis...

CVE-2026-5525

A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds...

CVE-2026-6539

Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through...

CVE-2026-42214

Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which...

Notepad++ 8.9.4 / 8.9.5 < 8.9.6 Installer Vulnerability

The version of Notepad++ installed on the remote host is 8.9.4 or 8.9.5. It is, therefore, affected by an installer vulnerability: - A vulnerability exists in the Notepad++ installer affecting versions 8.9.4 and 8.9.5 that could allow an attacker to compromise the installation process...

Notepad++ < 8.9.6.2 Arbitrary Code Execution

The version of Notepad++ installed on the remote host is prior to 8.9.6.2. It is, therefore, affected by an arbitrary code execution vulnerability: - An arbitrary code execution vulnerability exists due to improper handling of shortcuts.xml files. A previous fix in version 8.9.6.1 was incomplete,...

📄 Notepad++ 8.9.6 Arbitrary Code Execution

Notepad++ versions 8.9.6 and below proof of concept arbitrary code execution exploit. Exploit Title: Notepad++ 8.9.6 - Arbitrary Code Execution Date: 2026-05-30 Exploit Author: Kavin Jindal Avyukt Security https://www.linkedin.com/in/kavin-jindal/ Vendor Homepage: https://notepad-plus-plus.org...

Exploit for CVE-2026-48800

CVE-2026-48800 — Notepad++ Arbitrary Code Execution PoC Sev...

Exploit for CVE-2026-48778

CVE-2026-48...

Notepad++ 8.9.6 - Arbitrary Code Execution

Exploit Title: Notepad++ 8.9.6 - Arbitrary Code Execution Date: 2026-05-30 Exploit Author: Kavin Jindal Avyukt Security https://www.linkedin.com/in/kavin-jindal/ Vendor Homepage: https://notepad-plus-plus.org Software Link: https://notepad-plus-plus.org/downloads/v8.9.6/ Version: from config.xml...

Notepad++ security vulnerabilities

Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Notepad++ has security vulnerabilities, and attackers can exploit these vulnerabilities to execute arbitrary code...

Notepad-8.9.6-PoC

Notepad++ PoCs CVE-2026-48770 / CVE-2026-48778 / CVE-2026-488...

CVE-2026-48770

creationtimestamp| type| source ---|---|--- 2026-05-28 12:51:30+00:00| seen| https://www.acn.gov.it/portale/w/notepad-poc-pubblici-per-le-cve-2026-48800-cve-2026-48778-e-cve-2026-48770 2026-06-01 04:52:35+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116673056260872400 2026-06-01...

CVE-2026-48800

creationtimestamp| type| source ---|---|--- 2026-05-28 12:51:30+00:00| seen| https://www.acn.gov.it/portale/w/notepad-poc-pubblici-per-le-cve-2026-48800-cve-2026-48778-e-cve-2026-48770 2026-05-29 13:15:04+00:00| seen| https://t.me/bdufstecru/3207 2026-05-29 22:04:27+00:00| seen|...

CVE-2026-48778

creationtimestamp| type| source ---|---|--- 2026-05-28 12:51:30+00:00| seen| https://www.acn.gov.it/portale/w/notepad-poc-pubblici-per-le-cve-2026-48800-cve-2026-48778-e-cve-2026-48770 2026-05-29 22:04:26+00:00| seen| https://bsky.app/profile/crustytldr.bsky.social/post/3mmzk5ms7vf2l 2026-05-30...

PT-2026-44401

Name of the Vulnerable Software and Affected Versions Notepad++ affected versions not specified Description Multiple issues exist in the software. The config.xml configuration file fails to neutralize special elements when processing the commandLineInterpreter parameter. Additionally, the...

PT-2026-44374

Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.9.6.1 Description Multiple issues exist in the software, including a buffer over-read in the inter-process communication mechanism that can lead to a denial of service. Additionally, remote code execution is...

PT-2026-44400

Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.9.6.1 Description An issue exists in the processing of the commandLineInterpreter parameter within the config.xml configuration file. The software fails to neutralize special elements, which allows an attacker to...