PT-2026-55312 · Undefined · Undefined
Quart27219
·
Published
2026-07-02
·
Updated
2026-07-02
·
CVE-2026-38972
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined