Theregister
Vulnerability in Notepad's Markdown Feature Allows Remote Code Execution
First seen 11 Feb 2026, 19:30 UTC
•



+55
•80% similarity
•56.1
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Researchers have discovered a vulnerability in Notepad's newly added Markdown support that can be exploited for remote code execution (RCE). This flaw, tracked as CVE-2026-20841 with a severity score of 8.8, was addressed in Microsoft's latest Patch Tuesday updates. The exploitation requires social engineering tactics, making it less severe than other vulnerabilities.
ThreatCluster AI
Timeline
2026-02-10
CVE-2026-20841 published
2026-02-11
First public PoC released