High-severity flaw fixed in Windows 11 Notepad ...

Careful out there.

Microsoft has patched a high-severity RCE vulnerability in the Windows 11 Notepad app that could allow attackers to silently execute malicious files ...

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

Microsoft confirms CVE-2026-20841, a Remote Code Execution flaw in Windows 11 Notepad via Markdown links. Patch now rolling out.

You can infect your PC with malware without ever leaving Notepad, thanks to recent updates and additions. Hooray.

There's a remote code execution vulnerability in Notepad which is leveraged via the recently introduced formatting abilities to make tables in the app.

According to Microsoft's release notes, the update fixes 25 elevation of privilege flaws, 12 remote code execution ...

Microsoft fixes a high-severity Notepad RCE flaw tied to Markdown files. Install the latest updates to protect your PC.

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.