Description
Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened.
Published: 2026-07-02
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Jul 2026 09:00:00 +0000

Type Values Removed Values Added
Title DLL Hijacking via About Dialog in Notepad3

Tue, 07 Jul 2026 01:30:00 +0000

Type Values Removed Values Added
Title DLL Hijacking Vulnerability in Notepad3’s About Dialog
Weaknesses CWE-114

Mon, 06 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-427
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 06 Jul 2026 02:45:00 +0000

Type Values Removed Values Added
Title DLL Hijacking Vulnerability in Notepad3’s About Dialog
Weaknesses CWE-114

Sun, 05 Jul 2026 18:45:00 +0000

Type Values Removed Values Added
Title DLL Hijacking in Notepad3 About Dialog Allows Local Code Execution
Weaknesses CWE-114

Sun, 05 Jul 2026 10:45:00 +0000

Type Values Removed Values Added
Title DLL Hijacking in Notepad3 About Dialog Allows Local Code Execution
Weaknesses CWE-114

Sat, 04 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Title DLL Search-Order Hijacking in Notepad3 About Dialog
Weaknesses CWE-114

Sat, 04 Jul 2026 10:45:00 +0000

Type Values Removed Values Added
Title DLL Search-Order Hijacking in Notepad3 About Dialog
Weaknesses CWE-114

Fri, 03 Jul 2026 22:00:00 +0000

Type Values Removed Values Added
Title Local DLL Hijacking Allows Arbitrary Code Execution in Notepad3 About Dialog
Weaknesses CWE-114

Fri, 03 Jul 2026 04:00:00 +0000

Type Values Removed Values Added
Title Local DLL Hijacking Allows Arbitrary Code Execution in Notepad3 About Dialog
Weaknesses CWE-114

Thu, 02 Jul 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Rizonesoft
Rizonesoft notepad3
Vendors & Products Rizonesoft
Rizonesoft notepad3

Thu, 02 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Description Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened.
References

Subscriptions

Rizonesoft Notepad3
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-07-06T14:42:52.329Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-38972

cve-icon Vulnrichment

Updated: 2026-07-06T14:41:50.532Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-07T08:45:04Z

Weaknesses