609 matches found
CVE-2026-52884
Notepad++ CVE-2026-52884 affects Notepad++ up to version 8.9.6.1 where isInTrustedDirectory() does not canonicalize paths before checking. The code uses a prefix-based trust check (PathIsPrefix or equivalent), allowing a path traversal like ....\ after a trusted directory prefix to resolve to an ...
CVE-2026-52884
Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...
CVE-2026-52884 Notepad++: CVE-2026-48800 Bypass
Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...
PT-2026-52973
Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.9.6.4 Description A Time-of-Check to Time-of-Use TOCTOU flaw exists in NppCommands.cpp. The application validates the HMAC of the shortcuts.xml file on disk when a user command is triggered, but it executes the...
PT-2026-52972
Name of the Vulnerable Software and Affected Versions Notepad++ versions 8.9.4 through 8.9.5 Description The installer contains a local privilege escalation issue. During the installation process, the installer invokes powershell.exe without specifying an absolute path after setting the working...
Exploit for CVE-2026-52885
TOCTOU: HMAC Checks Disk, Executes from Memory Notepad++ v8...
Windows Notepad Markdown Link Exposure Test
This Metasploit auxiliary module is a non-exploit, safety-focused research tool designed to generate a Markdown file for analyzing how Windows Notepad handles external links. It creates a controlled test document containing a user-defined URL and stores it locally for inspection...
Windows Notepad WebDAV UNC Reference Markdown File Generator
This Metasploit auxiliary module is a file-format generation tool intended for security testing of a CVE-2026-20841 related to Windows Notepad Markdown handling. It produces a Markdown file containing a UNC WebDAV-style path embedded as a clickable link for behavioral analysis...
CVE-2026-5525
A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds...
CVE-2026-6539
Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through...
CVE-2026-42214
Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which...
Notepad++ 8.9.4 / 8.9.5 < 8.9.6 Installer Vulnerability
The version of Notepad++ installed on the remote host is 8.9.4 or 8.9.5. It is, therefore, affected by an installer vulnerability: - A vulnerability exists in the Notepad++ installer affecting versions 8.9.4 and 8.9.5 that could allow an attacker to compromise the installation process...
Notepad++ < 8.9.6.2 Arbitrary Code Execution
The version of Notepad++ installed on the remote host is prior to 8.9.6.2. It is, therefore, affected by an arbitrary code execution vulnerability: - An arbitrary code execution vulnerability exists due to improper handling of shortcuts.xml files. A previous fix in version 8.9.6.1 was incomplete,...
📄 Notepad++ 8.9.6 Arbitrary Code Execution
Notepad++ versions 8.9.6 and below proof of concept arbitrary code execution exploit. Exploit Title: Notepad++ 8.9.6 - Arbitrary Code Execution Date: 2026-05-30 Exploit Author: Kavin Jindal Avyukt Security https://www.linkedin.com/in/kavin-jindal/ Vendor Homepage: https://notepad-plus-plus.org...
Exploit for CVE-2026-48800
CVE-2026-48800 — Notepad++ Arbitrary Code Execution PoC Sev...
Exploit for CVE-2026-48778
CVE-2026-48...
Notepad++ security vulnerabilities
Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Notepad++ has security vulnerabilities, and attackers can exploit these vulnerabilities to execute arbitrary code...
PT-2026-48429
Name of the Vulnerable Software and Affected Versions Notepad++ affected versions not specified Description A zero-click remote code execution RCE issue exists due to path traversal. Path traversal is a technique that allows an attacker to access files and directories that are stored outside the...
Notepad++ 8.9.6 - Arbitrary Code Execution
Exploit Title: Notepad++ 8.9.6 - Arbitrary Code Execution Date: 2026-05-30 Exploit Author: Kavin Jindal Avyukt Security https://www.linkedin.com/in/kavin-jindal/ Vendor Homepage: https://notepad-plus-plus.org Software Link: https://notepad-plus-plus.org/downloads/v8.9.6/ Version: from config.xml...
Notepad-8.9.6-PoC
Notepad++ PoCs CVE-2026-48770 / CVE-2026-48778 / CVE-2026-488...