CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

June 23, 2025

CVE ID : CVE-2025-52938

Published : June 23, 2025, 10:15 a.m. | 4 hours, 31 minutes ago

Description : Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C.

This issue affects NotepadNext: through v0.11.

The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52935 – DragonflyDB Redis Lua Integer Overflow

Next Article CVE-2025-52937 – PointCloudLibrary PCL zlib Buffer Overflow

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

slop queries for a selection from the user and prints the region to stdout

CVE-2025-29009 – Webkul WooCommerce Medical Prescription Attachment Plugin Unrestricted File Upload Vulnerability

CVE-2025-20984 – Samsung Cloud for Galaxy Watch Default Permission Vulnerability

KitchenOwl – self-hosted grocery list and recipe manager

IBM HMC Vulnerable to Privilege Escalation Attacks

Microsoft Rolls Out June Xbox Updates and Confirms Gamescom Plans

Borderlands 4 is offering a free weapon skin and Golden Keys to unlock loot before the game is even out

Overwatch 2 shows off its ambitious Stadium Mode, new hero, launch date, and more in the new Season 16 gameplay trailer

CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

Related Posts