CVE-2018-25378
Deferred Deferred - Pending Action
Denial of Service in Notebook Pro 2.0 via Long Notebook Name

Publication date: 2026-05-25

Last updated on: 2026-05-25

Assigner: VulnCheck

Description
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Notebook Name field, and trigger an application crash when attempting to create and save the notebook.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-25
Last Modified
2026-05-25
Generated
2026-06-15
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2018-25378
EUVD
EUVD-2018-21898
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Notebook Pro 2.0 and is a denial of service issue. It allows local attackers to crash the application by entering an excessively long string in the notebook name field.

An attacker can create a malicious text file containing 500 or more characters, then paste this content into the New Notebook Name field. When the attacker attempts to create and save the notebook with this long name, the application crashes.

Impact Analysis

This vulnerability can cause the Notebook Pro 2.0 application to crash, resulting in a denial of service. This means legitimate users may be unable to use the application while it is crashed.

Since the attack requires local access, an attacker with local access can disrupt normal operations by triggering the crash.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25378. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart