Description
Out-of-bounds Read vulnerability in rizonesoft Notepad3 (scintilla/oniguruma/src modules). This vulnerability is associated with program files regcomp.C.

This issue affects Notepad3: before 6.25.714.1.
Published: 2026-03-24
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary Code Execution
Action: Immediate Patch
AI Analysis

Impact

This vulnerability is an out-of-bounds read in Notepad3's bundled regex engine (Oniguruma), leading to a heap buffer overflow when a crafted regular expression is compiled. The overflow permits an attacker to execute arbitrary code, potentially taking full control of the affected system. The weakness corresponds to CWE-125 (Out-of-bounds Read), which covers reads past the boundary of the intended buffer. The impact is that a local user or a malicious document can compromise the confidentiality, integrity, and availability of the host machine.

Affected Systems

The affected product is Notepad3 from Rizonesoft. Versions prior to 6.25.714.1 are vulnerable. No other vendors or versions are referenced. Users of earlier builds should verify their version and consider upgrading.

Risk and Exploitability

The CVSS score of 9.3 (rated Critical) indicates a high risk, with the potential for complete system compromise. The EPSS score is not available, but the lack of a KEV listing does not lower the threat; the flaw remains exploitable under local conditions. The likely attack vector is local exploitation via a malicious file that contains a regex pattern engineered to trigger the overflow. Attackers would need the application to process the crafted pattern, which could be achieved by persuading a user to open a doctored file or link. Consequently, the risk remains significant until the application is updated.

Generated by OpenCVE AI on March 24, 2026 at 04:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Notepad3 to version 6.25.714.1 or later.
  • If an upgrade is not immediately possible, refrain from opening untrusted files that contain regular expressions or temporarily disable Notepad3 until a patch is applied.
  • Monitor the vendor’s website or advisories for updates and apply any new releases promptly.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 24 Mar 2026 10:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Rizonesoft; Rizonesoft notepad3
Vendors & Products | | Rizonesoft; Rizonesoft notepad3

Tue, 24 Mar 2026 03:30:00 +0000

Type | Values Removed | Values Added
Description | | Out-of-bounds Read vulnerability in rizonesoft Notepad3 (scintilla/oniguruma/src modules). This vulnerability is associated with program files regcomp.C. This issue affects Notepad3: before 6.25.714.1.
Title | | Notepad3 Bundled Oniguruma compile_string_node() Heap Buffer Overflow via Crafted Regex Pattern Allows Arbitrary Code Execution
Weaknesses | | CWE-125
References | |
Metrics | | cvssV4_0: {'score': 9.3, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/S:N/AU:N/R:U/V:D/RE:L/U:Amber'}


Subscriptions

Rizonesoft Notepad3
MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-03-24T14:32:51.908Z

Reserved: 2026-03-24T03:25:50.464Z

Link: CVE-2026-4744

Vulnrichment

Updated: 2026-03-24T14:32:47.718Z

NVD

Status : Awaiting Analysis

Published: 2026-03-24T04:17:32.880

Modified: 2026-03-24T15:53:48.067

Link: CVE-2026-4744

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T20:40:15Z

Weaknesses