CVE-2026-52885 | notepad-plus-plus Notepad++ up to 8.9.6.4 NppCommands.cpp toctou (GHSA-qm4c-qg8p-qfcr)

SecurityVulns

A vulnerability identified as problematic has been detected in notepad-plus-plus Notepad++ up to 8.9.6.4. Affected is an unknown function of the file NppCommands.cpp. Performing a manipulation results in time-of-check time-of-use.

This vulnerability is cataloged as CVE-2026-52885. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More