PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...

Microsoft patches Windows 11 Notepad RCE flaw CVE-2026-20841 Vulnerability exploited Markdown links to execute malicious code with user permissions Patch Tuesday update fixes issue; versions 11.2510 ...

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).… Tracked as CVE-2026-20841 (8.8), the ...

Bloat Risk? Microsoft's Notepad Upgrade Also Introduced a Vulnerability The flaw exploits Notepad’s recently added support for Markdown, a formatting language used on websites and in files, to run ...

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...

TL;DR: Windows 11's Notepad app has a security flaw rated as a 'high' severity vulnerability, one that allows for remote code execution. The good news is that it's already been patched by Microsoft, ...

At least it's easy enough to avoid, until Notepad gets patched to fix the problem. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft’s effort to modernize the humble Notepad app has come with a cost: Security researchers have discovered a serious vulnerability in the program following a feature update. The flaw, which ...