kavin-jindal/CVE-2026-48778-PoC

GitHub: kavin-jindal/CVE-2026-48778-PoC

Stars: 0 | Forks: 0

# CVE-2026-48778 — Notepad++ Arbitrary Code Execution PoC **Severity:** High (CVSS 7.8) | **Affected:** Notepad++ ≤ 8.9.6 | **Patched:** v8.9.6.1 A PoC script for CVE-2026-48778, an arbitrary code execution vulnerability in Notepad++ ≤ 8.9.6. For full technical details, see the [official security advisory](https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-7hm3-wp5q-ccv9). ## Usage python cve-2026-48778.py **Trigger after running:** File → Open Containing Folder → cmd **Expected result:** `calc.exe` launches instead of cmd. ## Author **Kavin Jindal** — [Avyukt Security](https://www.linkedin.com/company/avyukt-security/) || [LinkedIn](https://www.linkedin.com/in/kavin-jindal/) ## Disclaimer This PoC is published for educational and research purposes only. Use only on systems you own or have explicit permission to test.