Out-of-bounds Read

CVE-2025-52938

Medium

5.1/10

Summary

Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar() in lparser.c lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

Attack Complexity: LOW
Attack Vector: LOCAL
User Interaction: NONE
Privileges Required: NONE

CWE-125 - Out-of-Bounds Read

Out-of-bounds read is a vulnerability that allows access to memory beyond the authorized accessible location. Such a vulnerability compromises the confidentiality of the trusted environment in the application and enables an attacker to launch further attacks by leveraging the exposed information.

References

Advisory Timeline

Published Jun 23, 2025

Out-of-bounds Read

CVE-2025-52938

Summary

CWE-125 - Out-of-Bounds Read

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS