CVE-2022-31902

MEDIUM

Notepad++ < 8.4.3 - Stack Overflow in Finder::add()

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-31902. PoCs published by CDACesec.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2022-31902, a Denial of Service (DoS) vulnerability in Notepad++ (x86) versions up to 8.4.3. The root cause is identified as a memory allocation failure in the `finder::add` function, leading to a `bad_alloc` exception when processing a specially crafted text file.

Description

Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add().

Exploits (1)

nomisec WRITEUP 1 stars

by CDACesec · poc

https://github.com/CDACesec/CVE-2022-31902

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2022-31902, a Denial of Service (DoS) vulnerability in Notepad++ (x86) versions up to 8.4.3. The root cause is identified as a memory allocation failure in the `finder::add` function, leading to a `bad_alloc` exception when processing a specially crafted text file.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Notepad++ (x86) versions 8.4.3 and before

No auth needed

Prerequisites: A specially crafted text file · Access to Notepad++ application

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Broken Link

http://notepad.com

Exploit, Third Party Advisory

https://github.com/CDACesec/CVE-2022-31902

Scores

CVSS v3 5.5

EPSS 0.0058

EPSS Percentile 43.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (1)

notepad-plus-plus/notepad\+\+ < 8.4.3

Published Feb 01, 2023

Tracked Since Feb 18, 2026