CVE-2026-48778

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-48778 is a vulnerability identified in Notepad++, a popular open-source text editor for Windows. This flaw resides in how the application processes its `config.xml` configuration file, specifically within the `<GUIConfig name="commandLineInterpreter">` tag. The value from this tag is read and stored without any validation or digital signature checks. When a user initiates the "File → Open Containing Folder → cmd" action, Notepad++ passes the unvalidated string from the `commandLineInterpreter` tag directly to the `ShellExecute()` function. This allows an attacker to substitute an arbitrary executable in place of the intended command interpreter, leading to arbitrary code execution. Potential exploitation vectors include direct modification of the `config.xml` file, use of malicious shortcuts with the `-settingsDir=` flag, or cloud sync poisoning. The vulnerability was addressed in Notepad++ version 8.9.6.1.

Description
-

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

8

  1. Se han revelado vulnerabilidades críticas (CVE-2026-48778 y CVE-2026-48800) en el popular editor Notepad++ que permiten la ejecución arbitraria de código (RCE). El fallo radica en la falta de validación de comandos dentro de los archivos de configuración (config.xml y https:

    @tpx_Security

    29 May 2026

    71 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Notepad++ &lt;= 8.9.6 Multiple Vulnerabilities (CVE-2026-48770, CVE-2026-48778, CVE-2026-48800) poc: https://t.co/hynIeZp5SS https://t.co/Et7ZKIEN5v

    @hackingspace

    29 May 2026

    272 Impressions

    0 Retweets

    3 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  3. csirt_it: ‼️ #Notepad++: disponibili #PoC per le CVE-2026-48800, CVE-2026-48778 e CVE-2026-48770 che interessano il noto editor di testo Rischio: 🔴 Tipologia: 🔸 Arbitrary Code Execution 🔸 Denial of Service 🔗 https://t.co/tG5AKVnGtJ 🔄 Aggiorname… https://

    @Vulcanux_

    28 May 2026

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 اذا انت من الجيل القديم ولاتزال تستخدم Notepad++ حدّث البرنامج فوراً إلى الإصدار الأخير (v8.9.6.1). 📍 الثغرة الأولى: (CVE-2026-48770) 📍 الثغرة الثانية: (CVE-2026-48778) 📍

    @buhaimedi

    28 May 2026

    3715 Impressions

    4 Retweets

    35 Likes

    18 Bookmarks

    3 Replies

    0 Quotes

  5. ‼️ #Notepad++: disponibili #PoC per le CVE-2026-48800, CVE-2026-48778 e CVE-2026-48770 che interessano il noto editor di testo Rischio: 🔴 Tipologia: 🔸 Arbitrary Code Execution 🔸 Denial of Service 🔗 https://t.co/DEGdsIPlJS 🔄 Aggiornamenti disponibili 🔄 h

    @csirt_it

    28 May 2026

    253 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. برای ابزار پرکاربرد Notepad plus plus چندین آسیب پذیری از نوع Code execution با کدهای شناسایی CVE-2026-48770 و CVE-2026-48778 و CVE-2026-48800 منتشر شده است . برای امن سازی به نسخه 8.9.6.1 به رو

    @EthicalSafe

    28 May 2026

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.