PoC for a remote code execution flaw in Windows Notepad's markdown renderer. The markdown engine does not restrict URL protocols, allowing arbitrary protocol handlers to be triggered via clickable links
-
Updated
Feb 12, 2026
PoC for a remote code execution flaw in Windows Notepad's markdown renderer. The markdown engine does not restrict URL protocols, allowing arbitrary protocol handlers to be triggered via clickable links
A community-curated, verified collection of Proof-of-Concept exploits for CVEs disclosed in 2026.
Add a description, image, and links to the securewithumer topic page so that developers can more easily learn about it.
To associate your repository with the securewithumer topic, visit your repo's landing page and select "manage topics."