CVE-2026-48770
MediumCVSS 5.0Exploitation Probability (EPSS)
Low risk19th percentile — higher than 19% of all known CVEs
Summary
Notepad++ prior to version 8.9.6.1 contains a vulnerability in handling WM_COPYDATA messages. A local process in the same Windows session can send a malformed message that does not enforce data length checking, potentially leading to a buffer overflow.
Risk Assessment
An attacker with access to the user's session could exploit this vulnerability to escalate privileges or execute arbitrary code in the context of Notepad++, compromising data confidentiality and integrity.
Recommendation
Immediately update Notepad++ to version 8.9.6.1 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WM_COPYDATA message to Notepad++ using the COPYDATA_FULL_CMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded NUL-terminated wchar_t* instead of enforcing COPYDATASTRUCT.cbData. This vulnerability is fixed in 8.9.6.1.

