CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

June 23, 2025

CVE ID : CVE-2025-52938

Published : June 23, 2025, 10:15 a.m. | 4 hours, 31 minutes ago

Description : Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C.

This issue affects NotepadNext: through v0.11.

The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52935 – DragonflyDB Redis Lua Integer Overflow

Next Article CVE-2025-52937 – PointCloudLibrary PCL zlib Buffer Overflow

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-6335 – DedeCMS Template Handler Command Injection Vulnerability

Google I/O 2025: How to watch and what the event schedule tells us

Xbox handheld leaks in new “Project Kennan” photos from the FCC — plus an ASUS ROG Ally 2 prototype with early specs

CVE-2025-6432 – Mozilla Firefox DNS Proxy Bypass Vulnerability

CVE-2025-47462 – Ohidul Islam Challan CSRF Privilege Escalation

CVE-2025-4229 – Palo Alto Networks PAN-OS SD-WAN Information Disclosure Vulnerability

Does Making Fewer HTTP Requests Improve Page Speed?

CVE-2012-10034 – “ClanSphere File Inclusion Vulnerability”

CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

Related Posts