CVE-2026-38972
Received - Intake

DLL Search Order Hijacking in Notepad3


Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: MITRE

Description

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened.
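A defender-side check for the condition described above, as an added example (not code from Notepad3 or from the source of this record): it walks an install directory and reports any file named MSFTEDIT.DLL with its SHA-256. It assumes Notepad3 does not ship its own copy of that library, so any hit next to the executable deserves review; the directory layout in `demo()` is constructed.

```python
import hashlib
import os
import tempfile

# DLL names the application requests by bare name. MSFTEDIT.DLL is the one
# named in the CVE description; extend the set for other bare-name loads.
WATCHED_DLLS = frozenset({"msftedit.dll"})


def find_planted_dlls(app_dir, watched=WATCHED_DLLS):
    """Return sorted [(path, sha256_hex)] for watched DLL names under app_dir.

    Assumption: the legitimate library lives in the Windows system directory,
    so a copy inside the application's own tree is unexpected.
    Windows file names are case-insensitive, so names are compared lowercased.
    """
    findings = []
    for root, _dirs, files in os.walk(app_dir):
        for name in files:
            if name.lower() not in watched:
                continue
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            findings.append((path, digest))
    return sorted(findings)


def demo():
    """Build a constructed install layout and scan it (sample data only)."""
    with tempfile.TemporaryDirectory() as tmp:
        app = os.path.join(tmp, "Notepad3")
        os.makedirs(os.path.join(app, "plugins"))
        # Constructed files: one executable, one unrelated DLL, and one file
        # whose name collides with the bare-name load (mixed case on purpose).
        for rel in ("Notepad3.exe", os.path.join("plugins", "helper.dll"), "MsftEdit.DLL"):
            with open(os.path.join(app, rel), "wb") as fh:
                fh.write(b"constructed placeholder bytes")
        return [(os.path.relpath(p, app), h) for p, h in find_planted_dlls(app)]


if __name__ == "__main__":
    for rel, digest in demo():
        print(f"REVIEW {rel} sha256={digest}")
```

The reported hash can be compared against the copy in the Windows system directory or checked for a valid signature before deciding whether the file is benign.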


Meta Information

Published: 2026-07-02
Last Modified: 2026-07-02
Generated: 2026-07-03
AI Q&A: 2026-07-03
EPSS Evaluated: N/A

Affected Vendors & Products

Vendor: rizonesoft
Product: notepad3
Version / Range: From 3.0.0 (inc) to 6.25.822.1 (inc)

CWE

CWE ID: CWE-UNKNOWN

Executive Summary

Notepad3 versions up to 6.25.822.1 have a DLL search-order hijacking vulnerability in the About-dialog code path. Specifically, the application calls LoadLibrary with a bare DLL name "MSFTEDIT.DLL". This allows a local attacker to place a malicious DLL named MSFTEDIT.DLL in the application directory or another location that is searched first for DLLs. When the About dialog is opened, the malicious DLL is loaded, enabling the attacker to execute arbitrary code with the user's privileges.

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code within the context of the user running Notepad3. This means the attacker could potentially run malicious code, access or modify user data, install malware, or perform other unauthorized actions with the same permissions as the user.
