Known Vulnerabilities for Notepad by Notepad-plus-plus
Listed below are 10 of the newest known vulnerabilities associated with "Notepad " by "Notepad-plus-plus".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-52885 json | Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shor... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-52884 json | Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory() does NOT canonicalize the path be... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-48800 json | Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the | Not Provided
|
2026-06-26
|
2026-06-30
|
|
| CVE-2026-48778 json | Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the |
Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-48770 json | Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows ses... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-46710 json | Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalati... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-42214 json | Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExten... | Not Provided | 2026-05-07 | 2026-05-09 |
| CVE-2026-6539 json | Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to c... | Not Provided | 2026-04-30 | 2026-05-01 |
| CVE-2026-5525 json | A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user... | Not Provided | 2026-04-10 | 2026-04-10 |
| CVE-2025-57927 json | Cross-Site Request Forgery (CSRF) vulnerability in Stephanie Leary Dashboard Notepad dashboard-notepad allows Cross Site Requ... | Not Provided | 2025-09-22 | 2026-04-23 |