What is CVE-2025-52938?

CVE-2025-52938 is a vulnerability in Dail8859 Notepadnext, classified under Out-of-bounds Read. Published 2025-06-23.

Is CVE-2025-52938 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Out-of-bounds Read in Dail8859 Notepadnext

CVE-2025-52938

Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar() in lparser.c lacks a certain l…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (29.2th percentile) — read the EPSS interpretation.

Affected products

Dail8859 Notepadnext — versions 0

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

github.com/dail8859/NotepadNext/pull/756 (patch, third-party-advisory)
github.com/dail8859/NotepadNext/commit/66b8a97d9fdfd2257996875716f39c18d84e004f (patch)

Frequently asked questions

What is CVE-2025-52938?: CVE-2025-52938 is a vulnerability in Dail8859 Notepadnext, classified under Out-of-bounds Read. Published 2025-06-23.
Is CVE-2025-52938 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.