CVE-2026-20841

Publication date

2026-02-10 17:51:50

Family

microsoft

State

PUBLISHED

Description

Improper neutralization of special elements used in a command (command injection) in Windows Notepad App allows an unauthorized attacker to execute code locally.