News Notepad++ path traversal bypass can execute commands without a prompt (CVE-2026-52884) June 12, 2026 / June 12, 2026 by Alex Mira | Leave a Comment A Notepad++ advisory (CVE-2026-52884) describes a path traversal bypass that can execute commands without the editor’s usual confirmation dialog. Attack paths involve tampering with shortcuts.xml or redirecting the settings directory. Patch status is unclear; monitor the advisory and handle configuration files with care. Read more » Configuration Files CVE-2026-52884 GitHub Security Advisory Notepad++ Path Traversal Windows security
News Microsoft Defender CVEs: CVE-2026-41091 (local privilege escalation) and CVE-2026-45498 (denial of service) May 21, 2026 / May 21, 2026 by Alex Mira | Leave a Comment Two Microsoft Defender flaws—CVE-2026-41091 (local privilege escalation via link following) and CVE-2026-45498 (denial of service)—are now listed in NVD and MSRC. Here’s what’s confirmed, what remains unclear, and where to find official guidance. Read more » CVE-2026-41091 CVE-2026-45498 Endpoint security Microsoft Defender Vulnerability Management Windows security
