Search criteria
3 vulnerabilities by dail8859
CVE-2026-42214 (GCVE-0-2026-42214)
Vulnerability from cvelistv5 – Published: 2026-05-07 18:14 – Updated: 2026-05-09 03:55
VLAI
Title
Improper Control of Generation of Code ('Code Injection') in dail8859/NotepadNext
Summary
Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which executes automatically when the victim opens the file in NotepadNext. Because luaL_openlibs() is called unconditionally, the full os, io, and package libraries are available to the injected code, enabling arbitrary command execution. This issue has been patched in version 0.14.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/dail8859/NotepadNext/security/… | x_refsource_CONFIRM |
| https://github.com/dail8859/NotepadNext/commit/f3… | x_refsource_MISC |
| https://github.com/dail8859/NotepadNext/releases/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dail8859 | NotepadNext |
Affected:
< 0.14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42214",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-09T03:55:59.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/dail8859/NotepadNext/security/advisories/GHSA-m5fq-c9x5-w54g"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NotepadNext",
"vendor": "dail8859",
"versions": [
{
"status": "affected",
"version": "\u003c 0.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext\u0027s detectLanguageFromExtension() function interpolates a file\u0027s extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which executes automatically when the victim opens the file in NotepadNext. Because luaL_openlibs() is called unconditionally, the full os, io, and package libraries are available to the injected code, enabling arbitrary command execution. This issue has been patched in version 0.14."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T18:14:20.246Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dail8859/NotepadNext/security/advisories/GHSA-m5fq-c9x5-w54g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dail8859/NotepadNext/security/advisories/GHSA-m5fq-c9x5-w54g"
},
{
"name": "https://github.com/dail8859/NotepadNext/commit/f3ca1b10aca52f05fd7f4f5ebf9b566d6cd95ccc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dail8859/NotepadNext/commit/f3ca1b10aca52f05fd7f4f5ebf9b566d6cd95ccc"
},
{
"name": "https://github.com/dail8859/NotepadNext/releases/tag/v0.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dail8859/NotepadNext/releases/tag/v0.14"
}
],
"source": {
"advisory": "GHSA-m5fq-c9x5-w54g",
"discovery": "UNKNOWN"
},
"title": "Improper Control of Generation of Code (\u0027Code Injection\u0027) in dail8859/NotepadNext"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-42214",
"datePublished": "2026-05-07T18:14:20.246Z",
"dateReserved": "2026-04-25T05:04:37.028Z",
"dateUpdated": "2026-05-09T03:55:59.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-52939 (GCVE-0-2025-52939)
Vulnerability from cvelistv5 – Published: 2025-06-23 09:26 – Updated: 2025-06-23 12:34
VLAI
Title
Potential heap-buffer overflow vulnerability in NotepadNext
Summary
Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C.
This issue affects NotepadNext: through v0.11.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dail8859/NotepadNext/pull/757/files | patchthird-party-advisory |
| https://github.com/dail8859/NotepadNext/commit/3e… | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dail8859 | NotepadNext |
Affected:
0 , ≤ v0.11
(git)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52939",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T12:31:43.227816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T12:34:13.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"src/lua/src"
],
"product": "NotepadNext",
"programFiles": [
"ldebug.c",
"lvm.c"
],
"repo": "https://github.com/dail8859/NotepadNext",
"vendor": "dail8859",
"versions": [
{
"lessThanOrEqual": "v0.11",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "TITAN Team (titancaproject@gmail.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules).\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eldebug.C\u003c/tt\u003e, \u003ctt\u003elvm.C\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects NotepadNext: through v0.11.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C.\n\nThis issue affects NotepadNext: through v0.11."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T09:26:56.917Z",
"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
"shortName": "GovTech CSG"
},
"references": [
{
"tags": [
"patch",
"third-party-advisory"
],
"url": "https://github.com/dail8859/NotepadNext/pull/757/files"
},
{
"tags": [
"patch"
],
"url": "https://github.com/dail8859/NotepadNext/commit/3e928d91b8fc8bb5c77801ee8652f41e98d12571"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential heap-buffer overflow vulnerability in NotepadNext",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
"assignerShortName": "GovTech CSG",
"cveId": "CVE-2025-52939",
"datePublished": "2025-06-23T09:26:56.917Z",
"dateReserved": "2025-06-23T09:24:36.336Z",
"dateUpdated": "2025-06-23T12:34:13.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-52938 (GCVE-0-2025-52938)
Vulnerability from cvelistv5 – Published: 2025-06-23 09:26 – Updated: 2025-06-23 12:36
VLAI
Title
Potential heap-based buffer over-read vulnerability in NotepadNext
Summary
Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C.
This issue affects NotepadNext: through v0.11.
The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dail8859/NotepadNext/pull/756 | patchthird-party-advisory |
| https://github.com/dail8859/NotepadNext/commit/66… | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dail8859 | NotepadNext |
Affected:
0 , ≤ v0.11
(git)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52938",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T12:36:19.980020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T12:36:52.166Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"src/lua/src"
],
"product": "NotepadNext",
"programFiles": [
"lparser.c"
],
"repo": "https://github.com/dail8859/NotepadNext",
"vendor": "dail8859",
"versions": [
{
"lessThanOrEqual": "v0.11",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "TITAN Team (titancaproject@gmail.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules).\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003elparser.C\u003c/tt\u003e.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects NotepadNext: through v0.11.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C.\n\n\nThis issue affects NotepadNext: through v0.11.\n\nThe singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:N/AU:Y/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T09:26:39.214Z",
"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
"shortName": "GovTech CSG"
},
"references": [
{
"tags": [
"patch",
"third-party-advisory"
],
"url": "https://github.com/dail8859/NotepadNext/pull/756"
},
{
"tags": [
"patch"
],
"url": "https://github.com/dail8859/NotepadNext/commit/66b8a97d9fdfd2257996875716f39c18d84e004f"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential heap-based buffer over-read vulnerability in NotepadNext",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
"assignerShortName": "GovTech CSG",
"cveId": "CVE-2025-52938",
"datePublished": "2025-06-23T09:26:39.214Z",
"dateReserved": "2025-06-23T09:24:36.336Z",
"dateUpdated": "2025-06-23T12:36:52.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}