CVE-2023-40166 Information

Description

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially it may be used to leak internal memory allocation information. As of time of publication no known patches are available in existing versions of Notepad++.

Reference

https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/