vulnerability
NotepadPlusPlus: Unspecified Security Vulnerability (CVE-2023-40166)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Aug 25, 2023 | Sep 11, 2023 | Jan 28, 2025 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
Aug 25, 2023
Added
Sep 11, 2023
Modified
Jan 28, 2025
Description
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in `FileManager::detectLanguageFromTextBegining `. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.
Solution
notepadplusplus-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.