CVE-2025-52938

Vulnerability Description

Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

Related Weaknesses (CWE)

CWE-125

References

https://github.com/dail8859/NotepadNext/commit/66b8a97d9fdfd2257996875716f39c18d
https://github.com/dail8859/NotepadNext/pull/756

FAQ

What is CVE-2025-52938?

CVE-2025-52938 is a documented vulnerability. Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The sin...

How severe is CVE-2025-52938?

CVSS scoring is not yet available for CVE-2025-52938. Check NVD for updates.

Is there a patch for CVE-2025-52938?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.