Path traversal in Notepad++ - CVE-2026-52886
Published: July 14, 2026
Notepad++
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to path traversal in the session.xml backupFilePath attribute validation when restoring a session file in snapshot mode. A local user can inject a crafted traversal path into session.xml to disclose sensitive information.
On the next application launch with snapshot mode active, the target file content is loaded into an editor tab after the operating system resolves parent-directory traversal sequences.