CVE-2026-3008

Successful exploitation of the
string injection vulnerability could allow an attacker to obtain memory address
information or crash the application.

More information : https://community.notepad-plus-plus.org/topic/27500/notepad-v8-9-4-release-candidate