https://ringzeropirate.github.io/en/tags/xml/Recent content in Xml on RingZero PirateHugoen-USFri, 29 May 2026 00:00:00 +0000https://ringzeropirate.github.io/en/articles/notepadpp_rce/Fri, 29 May 2026 00:00:00 +0000https://ringzeropirate.github.io/en/articles/notepadpp_rce/CVE-2026-48778 | CVE-2026-48800 | CVSS 7.8 HIGH Notepad++ v8.9.5 — Fixed in v8.9.6.1 Reading time: 10 minuti Responsible Disclosure Note — All findings described in this article were communicated to Don Ho (maintainer of Notepad++) prior to publication. The upstream fix has been committed to the repository notepad-plus-plus/notepad-plus-plus. The complete timeline is provided at the bottom of the article. Table of Contents Introduction Setup: Loading the Codebase Threat Model and Attack Surface Phase 1: Taint Analysis with Semgrep Phase 2: Manual Verification of Findings CVE-2026-48778: config.