Notepad++ Releases 8.9.4 Patch to Fix String Injection Vulnerability (CVE-2026-3008) in 8.9.3
ID: 3b3ed8e0-c2fd-5899-b7d2-ca1063b3c173
STIX ID: report--3b3ed8e0-c2fd-5899-b7d2-ca1063b3c173
Feed Name: The Cyber Express
Threat Score
**Executive summary:** Notepad++ v8.9.3 contains a string-injection vulnerability (CVE-2026-3008) that may allow sensitive memory disclosure or cause application crashes; the issue was responsibly disclosed and is fixed in version 8.9.4, so users and administrators should upgrade promptly.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.