CVE-2026-2841

Name of the Vulnerable Software and Affected Versions Windows Notepad versions prior to 11.x patch

Description A remote code execution issue exists in the modern Windows 11 Notepad application distributed through the Microsoft Store. A malicious Markdown (.md) file can trigger command injection, allowing for the execution of arbitrary code. This is particularly dangerous when combined with other exploits. The issue stems from a flaw in how Notepad handles crafted links or interactive content within Markdown files.

Recommendations Update Windows Notepad to the latest version with the available patch.