EIP-2026-117702

PRE-CVE

Notepad++ Plugin Notepad 1.5 - Local Overflow

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117702. PoCs published by Junwen Sun.

AI-analyzed exploit summary The writeup describes a stack buffer overflow vulnerability in the Notepad# plugin for Notepad++ 6.3.2, where improper handling of long strings in PluginDefinition.cpp leads to a crash and potential arbitrary code execution. The exploit leverages the overflow to execute calc.exe as a proof-of-concept.

Description

Notepad++ Plugin Notepad 1.5 - Local Overflow

Exploits (1)

exploitdb WRITEUP VERIFIED
by Junwen Sun · textlocalwindows
https://www.exploit-db.com/exploits/30007

The writeup describes a stack buffer overflow vulnerability in the Notepad# plugin for Notepad++ 6.3.2, where improper handling of long strings in PluginDefinition.cpp leads to a crash and potential arbitrary code execution. The exploit leverages the overflow to execute calc.exe as a proof-of-concept.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Notepad++ 6.3.2 with Notepad# plugin (1.5) and Explorer plugin (1.8.2)
No auth needed
Prerequisites: Notepad++ 6.3.2 installed · Notepad# plugin (1.5) installed · Explorer plugin (1.8.2) installed
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026