Notepad++ Vulnerability Can Crash App and Leak Memory Data

A recently discovered security issue in Notepad++ has raised concerns among developers and IT professionals who rely on the tool for daily work. Known for its lightweight design and wide range of features, Notepad++ is commonly used for coding, scripting, and text editing. However, this new vulnerability can crash Notepad++ and leak memory data.
The flaw, identified as CVE-2026-3008, can allow attackers to crash the application or read sensitive memory contents. It is linked to the FindInFiles feature, which is used to search for text across multiple files. The trigger is the localization file nativeLang.xml, from which Notepad++ loads its translated user-interface strings: if the string in the field named "find-result-hits" contains a format specifier such as "%s", the application passes that string to a printf-style formatter as the format argument. The formatter then tries to read arguments that were never supplied, so the application either crashes or prints whatever happens to be in memory at that position.
This type of issue is a format string vulnerability (the article's source describes it as string injection). In simple terms, the software treats data from a file as a formatting template instead of as plain text, so conversion specifiers in that data control what the formatter reads from memory. An attacker who can plant such a string can crash the application, creating a denial-of-service condition, and in some cases can cause it to emit memory addresses or other memory contents that are useful in more advanced attacks.
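The pattern behind this class of bug, and the usual defence for localized message strings, as an added example in C. This is not Notepad++ code and does not reproduce its UI layer (which uses wide strings); the element name, the message texts and the function names are constructed for illustration. It validates that a translated message contains exactly the conversions the caller is going to supply before using it as a format, and otherwise falls back to a built-in message:

```c
#include <stdio.h>
#include <string.h>

/*
 * Added example, not Notepad++ code. It models the risky pattern: a
 * translated message from a localisation file is used as the *format*
 * argument of a printf-family call, so a "%s" planted in the translation
 * makes the formatter read a pointer argument that was never passed.
 *
 * Defence shown here: check that the translation contains exactly the
 * conversions the caller will supply, and otherwise use the built-in
 * English message. Message texts below are constructed for the example.
 */

/* Return the number of conversions in fmt if every one is a plain signed
 * integer conversion (%d / %i, optionally with flags and a width), or -1 if
 * any other conversion (%s, %p, %n, %x, ...) or a dangling '%' is present.
 * "%%" is a literal percent sign and does not count. */
int count_int_conversions(const char *fmt)
{
    int count = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')
            continue;                 /* escaped percent sign */
        while (*p && strchr("-+ #0123456789", *p))
            p++;                      /* flags and field width */
        if (*p != 'd' && *p != 'i')
            return -1;                /* any other conversion is rejected */
        count++;
    }
    return count;
}

/* Format the hit-count message into out. Returns 1 if the translated
 * message was used, 0 if it was rejected and the built-in one was used. */
int format_hits(const char *translated, int hits, char *out, size_t out_len)
{
    static const char *fallback = "%d hits";   /* constructed default text */
    const char *fmt = translated;
    int used_translation = 1;

    if (count_int_conversions(translated) != 1) {
        fmt = fallback;
        used_translation = 0;
    }
    /* fmt is now guaranteed to consume exactly one int argument */
    snprintf(out, out_len, fmt, hits);
    return used_translation;
}

int main(void)
{
    char buf[128];
    /* constructed translation strings; the third has the hostile shape */
    const char *good    = "%d hits";
    const char *escaped = "100%% done: %d hits";
    const char *hostile = "%d hits %s %s %s %s";

    format_hits(good, 3, buf, sizeof buf);
    puts(buf);
    format_hits(escaped, 7, buf, sizeof buf);
    puts(buf);
    format_hits(hostile, 7, buf, sizeof buf);   /* rejected, falls back */
    puts(buf);
    return 0;
}
```

The hostile string is never handed to snprintf, so the extra "%s" conversions cannot make the formatter dereference stack garbage. The same check belongs wherever a string read from disk or from the network ends up as a format argument; compiling with -Wformat-nonliteral flags the call sites worth auditing.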
A second vulnerability, CVE-2026-6539, has also been addressed as part of the same update. While details about this issue are more limited, its inclusion suggests that developers identified additional related concerns during their investigation. Addressing both vulnerabilities together helps improve the overall security of the application.
Although memory disclosure might seem less serious than other types of attacks, it is often a building block for them. Attackers commonly chain several weaknesses to bypass protections such as Address Space Layout Randomization (ASLR): a leaked pointer reveals where code or data sits in the process, which turns a crash primitive elsewhere into a usable exploit.
The vulnerability affects version 8.9.3 of Notepad++. Users running this version, as well as older releases, are considered at risk. Given how widely the software is used across personal systems and enterprise environments, the potential impact could be significant if the issue is not addressed quickly.
In response, the Notepad++ development team has released version 8.9.4, which fixes both CVE-2026-3008 and CVE-2026-6539. The update corrects how the FindInFiles feature handles format strings in the configuration file, preventing the crash and reducing the risk of memory exposure. The fix has been documented publicly, allowing users and organizations to review the changes.
Users are strongly advised to update as soon as possible. Installing the latest version from the official Notepad++ site is the most effective way to stay protected. It is also worth verifying the downloaded installer against the hash or signature published with the release to ensure it has not been tampered with, and, in managed environments, treating nativeLang.xml and the other files in the Notepad++ profile directory as untrusted input that should not be writable by other users.
This incident serves as a reminder that even widely trusted tools can have vulnerabilities. Regular updates and basic security practices remain essential for keeping systems safe and maintaining smooth workflows.