Heise.De
Critical Notepad++ Vulnerabilities Allow Remote Code Execution
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Notepad++ has released version 8.9.6.1 to patch three vulnerabilities, including two critical flaws (CVE-2026-48778 and CVE-2026-48800) that enable arbitrary code execution on Windows systems. These vulnerabilities arise from improper handling of XML configuration files, allowing local attackers to execute commands by tampering with user settings. The flaws affect all versions up to 8.9.6 and were disclosed on May 26, 2026. CVE-2026-48778 allows manipulation of the command-line interpreter path, while CVE-2026-48800 targets user-defined commands in the shortcuts.xml file. Both require user interaction or prior access to the AppData directory. A third lower-severity vulnerability, CVE-2026-48770, was also patched. Users are urged to update immediately to mitigate risks.
Key Points: • Two critical vulnerabilities in Notepad++ allow arbitrary code execution. • Affected versions include all prior to 8.9.6; users must update to 8.9.6.1. • Attackers can exploit these flaws through tampered XML configuration files.