NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-3008

Summary	Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application.
Publication Date	April 27, 2026, 4:16 p.m.
Registration Date	April 28, 2026, 4:07 a.m.
Last Update	April 28, 2026, 3:57 a.m.

CVSS3.1 : MEDIUM
スコア	6.6
Vector	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	要
影響の想定範囲(S)	変更なし
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	高

Related information, measures and tools

No	URL	refsource	タグ
1	https://community.notepad-plus-plus.org/topic/27500/notepad-v8-9-4-release-candidate	5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
2	https://github.com/llgsjsm/cve-2026-3008	5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
3	https://github.com/notepad-plus-plus/notepad-plus-plus/issues/17960	5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
4	https://llgsjsm.github.io/cve-2026-3008/	5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
5	https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2026-044/	5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
6	https://github.com/llgsjsm/cve-2026-3008	134c704f-9b21-4f2e-91b3-4a467353bcc0

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-134	書式文字列の問題	https://cwe.mitre.org/data/definitions/134.html