SysAdmin.help

Ref. : Notepad++ Patches High-Severity RCE Flaws in Version 8.9.6.1

The developers behind Notepad++ have released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could expose users to remote code execution (RCE) attacks under certain conditions. The ...

Current version (as of 2026-05-29) of Chrome on Windows is: Version 148.0.7778.217 (Official Build) (64-bit)

Some of the CVE's are:
CVE-2026-9893 CVE-2026-9892 CVE-2026-9891 CVE-2026-9890 CVE-2026-9889 CVE-2026-9888 CVE-2026-9887 CVE-2026-9886 CVE-2026-9885 CVE-2026-9884 CVE-2026-9883 CVE-2026 ...

: 707693556_1041876088197081_6047832248546284981_n.jpg (99.63 KiB) Viewed 17 times

Notepad++, one of the most widely used open-source text editors for Windows, has released an urgent security update addressing three vulnerabilities, including two arbitrary code execution flaws that could allow attackers to silently run malicious programs on a victim’s machine.

The Notepad ...

Overview

CISA has added CVE-2026-48172 to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. The flaw is a maximum-severity privilege escalation vulnerability (CVSS v4.0: 10.0) residing in the LiteSpeed User-End cPanel Plugin versions 2.3 through 2.4.4 ...

A critical Windows kernel vulnerability, tracked as CVE-2026-40369, has been disclosed, enabling attackers to achieve full SYSTEM-level privilege escalation even from the most restricted environments, including browser sandboxes.

Discovered by security researcher Ori Nimron, the flaw affects ...

CVE ID: CVE-2026-48849
Published: May 25, 2026
Description: In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, an unsanitized subject field in the draft restored value could lead to stored XSS/HTML/CSS injection on shared mailboxes.
Severity: 4.4 | MEDIUM

Visit the link for more ...

CVE ID: CVE-2026-48848
Published: May 25, 2026
Description: Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets (CSS) injection via an SVG document that has an animate element with the attributeName attribute ...

CVE ID: CVE-2026-48847
Published: May 25, 2026
Description: Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass.
Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details ...

CVE ID: CVE-2026-48846
Published: May 25, 2026
Description: In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var() value in an e-mail message, which may lead to information disclosure or access-control bypass ...

SysAdmin.help

Search found 45 matches

Re: CVE-2026-48770, CVE-2026-48778, CVE-2026-48800 - Notepad++ Vulnerabilities

Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones

U Shall Not Enter

CVE-2026-48770, CVE-2026-48778, CVE-2026-48800 - Notepad++ Vulnerabilities

CVE-2026-48172 — LiteSpeed User-End cPanel Plugin Privilege Escalation

CVE-2026-40369 - Windows Kernel Vulnerability Allows Attackers to Modify Kernel Memory Counters

CVE-2026-48849 - Roundcube Webmail Stored XSS/HTML/CSS Injection

CVE-2026-48848 - Roundcube Webmail CSS Injection Vulnerability

CVE-2026-48847 - Roundcube Webmail Redis/Memcache File Deletion Vulnerabilit

CVE-2026-48846 - Roundcube Webmail CSS Injection Vulnerability