Security Advisory

Notepad++ Security Update Advisory

Jun 02 2026

Notepad++ Security Update Advisory

Overview

A security update has been released to address vulnerabilities in Notepad++. the vulnerabilities could lead to a denial of service (a condition that causes the Service to stop working properly) and arbitrary code execution (a risk that could cause a threat actor to execute unwanted code).

Target Products

Notepad++ version 8.9.6.1 and earlier: CVE-2026-48770, CVE-2026-48778.
Notepad++ version 8.9.6.2 and earlier: CVE-2026-48800.

Resolved vulnerabilities

CVE-2026-48770: Denial of Service vulnerability in Notepad++.
CVE-2026-48778: Arbitrary code execution vulnerability in Notepad++.
CVE-2026-48800: Arbitrary code execution vulnerability in Notepad++.

What to do

vulnerability patches have been made available in the latest update. you should update Notepad++ to the latest version of the Vulnerability Patch by following the instructions on the reference site.

Reference versions

CVE-2026-48770, CVE-2026-48778: Notepad++ 8.9.6.1 and later.
CVE-2026-48800: Notepad++ 8.9.6.2 and later.

Previous Post

Samba Security Update Advisory

Next Post

Mirasvit Product Security Update Advisory (CVE-2026-45247)