CVE-2023-40036 Information

Description

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in CharDistributionAnalysis::HandleOneChar. The exploitability of this issue is not clear. Potentially it may be used to leak internal memory allocation information. As of time of publication no known patches are available in existing versions of Notepad++.

Reference

https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/