VYPR

Notepadnext

by Dail8859

Source repositories

CVEs (3)

  • CVE-2025-52939CriJun 23, 2025
    risk 0.54cvss epss 0.00

    Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects NotepadNext: through v0.11.

  • CVE-2026-42214HigMay 7, 2026
    risk 0.44cvss 7.8epss 0.00

    Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains…

  • CVE-2025-52938MedJun 23, 2025
    risk 0.26cvss epss 0.00

    Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a…