VDB
CNVD-2026-12559
CNVD-2026-12559
PUBLISHED
CVSS 7.800000190734863 HIGH
Microsoft Windows Notepad是美国微软(Microsoft)公司的一个文本编辑程序。 Microsoft Windows Notepad存在命令注入漏洞。该漏洞源于应用未能正确过滤构造命令特殊字符、命令等,攻击者可利用该漏洞可以远程执行代码。
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Notepad | 11.0.0 |
| microsoft | window_notepad | 11.0.0 |
Exploit Intelligence
- https://news.ycombinator.com/item?id=46971516 (circl)
- Windows Notepad App Remote Code Execution Vulnerability (circl)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
- CIRCL seen: CVE-2026-20841 (circl-sighting)
…and 128 more exploits
Timeline
- May 25, 2023 CVE Published
- Feb 10, 2026 PoC Published
- Feb 10, 2026 PoC Published
- Feb 10, 2026 PoC Published
- Feb 10, 2026 PoC Published
- Feb 11, 2026 PoC Published
- Feb 11, 2026 PoC Published
- Feb 11, 2026 PoC Published
- Feb 11, 2026 PoC Published
- Feb 11, 2026 PoC Published
- Feb 11, 2026 PoC Published
- Feb 11, 2026 PoC Published