Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links
A Notepad Markdown vulnerability allowed remote code execution via malicious links; Microsoft patched CVE-2026-20841 and found no evidence of exploitation.
Notepad's new Markdown powers served with a side of RCE
Notepad's Markdown support contains a vulnerability (CVE-2026-20841) that can achieve remote code execution when users open a malicious Markdown file and click a link.
