Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks
ID: 0214ba3b-7d90-5777-8fce-a17973d6b11f
STIX ID: report--0214ba3b-7d90-5777-8fce-a17973d6b11f
Feed Name: GBHackers
Notepad++ released version 8.9.6.1 to patch multiple vulnerabilities — most critically CVE-2026-48778, which permits arbitrary code execution by abusing the <guiconfig name="commandLineInterpreter"> parameter in config.xml and the "Open Containing Folder in cmd" feature; attackers can inject malicious values via local AppData config modification, manipulated settingsDir shortcuts, cloud-synced configs, or social engineering. Two additional issues (CVE-2026-48770 causing crashes and CVE-2026-48800 related to shortcuts.xml) are also patched; users are urged to upgrade immediately and monitor/restrict configuration file writes.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.