{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25271", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-22T14:32:51.752Z", "datePublished": "2026-04-22T14:57:04.665Z", "dateUpdated": "2026-04-22T15:40:01.102Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-22T14:57:04.665Z"}, "title": "Textpad 8.1.2 Denial of Service via Run Command", "descriptions": [{"lang": "en", "value": "Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools > Run to trigger a buffer overflow that crashes the application."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "affected": [{"vendor": "Textpad", "product": "Textpad", "versions": [{"version": "8.1.2", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:helios:textpad:8.1.2:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/45956", "name": "ExploitDB-45956", "tags": ["exploit"]}, {"url": "https://textpad.com", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.textpad.com/download/v81/win32/txpeng812-32.zip", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Textpad 8.1.2 Denial of Service via Run Command", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/textpad-denial-of-service-via-run-command"}], "credits": [{"lang": "en", "value": "Gionathan \"John\" Reale", "type": "finder"}], "x_generator": {"engine": "vulncheck"}, "datePublic": "2018-12-09T00:00:00.000Z"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T15:39:55.421473Z", "id": "CVE-2018-25271", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T15:40:01.102Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-25271", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-22T15:39:55.421473Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T15:39:58.033Z"}}], "cna": {"title": "Textpad 8.1.2 Denial of Service via Run Command", "credits": [{"lang": "en", "type": "finder", "value": "Gionathan \"John\" Reale"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Textpad", "product": "Textpad", "versions": [{"status": "affected", "version": "8.1.2"}]}], "datePublic": "2018-12-09T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/45956", "name": "ExploitDB-45956", "tags": ["exploit"]}, {"url": "https://textpad.com", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.textpad.com/download/v81/win32/txpeng812-32.zip", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/textpad-denial-of-service-via-run-command", "name": "VulnCheck Advisory: Textpad 8.1.2 Denial of Service via Run Command", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools > Run to trigger a buffer overflow that crashes the application."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:helios:textpad:8.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-22T14:57:04.665Z"}}}, "cveMetadata": {"cveId": "CVE-2018-25271", "state": "PUBLISHED", "dateUpdated": "2026-04-22T15:40:01.102Z", "dateReserved": "2026-04-22T14:32:51.752Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-22T14:57:04.665Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:helios:textpad:8.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "3949CE3E-58C0-4DC7-9B6A-503657CC2AF7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools > Run to trigger a buffer overflow that crashes the application."}], "id": "CVE-2018-25271", "lastModified": "2026-04-27T17:13:26.447", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-22T16:16:47.967", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://textpad.com"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/45956"}, {"source": "disclosure@vulncheck.com", "tags": ["Broken Link"], "url": "https://www.textpad.com/download/v81/win32/txpeng812-32.zip"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/textpad-denial-of-service-via-run-command"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.1.2"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "textpad", "vendor": "helios"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.1.2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Textpad", "source": "cna", "vendor": "Textpad"}, "product": "textpad", "vendor": "textpad"}], "analysis": {"en": {"generated_at": "2026-04-22T18:26:53.793575+00:00", "value": {"mitigation_remediation": ["Upgrade Textpad to a version that fixes the Run command buffer overflow", "If an upgrade is not immediately available, disable or remove the Run command feature in the application settings", "Apply local account restrictions to limit which users can access the Run command", "If the software is not essential, uninstall Textpad\u00a08.1.2 to eliminate the risk"], "summary": {"action": "Assess Impact", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected product is Textpad version\u00a08.1.2. No other versions were reported as vulnerable in the available data. The risk is confined to installations of this specific build and may not extend to later releases.", "description_and_impact": "Textpad\u00a08.1.2 allows local attackers to crash the program by supplying an overly long string to the Run command. The overflow occurs when a 5000\u2011byte payload is entered via Tools\u202f>\u202fRun, triggering the application to terminate. This is a typical buffer overflow flaw (CWE\u2011787) that results in a denial of service but does not provide arbitrary code execution or impact beyond the crashed process. The vulnerability is limited to the host running the software and does not expose external network interfaces to remote exploitation.", "risk_and_exploitability": "The CVSS score of 6.9 indicates a moderate severity for local users. EPSS is not provided, so the likelihood of exploitation cannot be quantified. The vulnerability is not listed in the CISA KEV catalog. Attackers must be able to run commands locally to trigger the overflow, which typically requires privileged or at least authenticated user access on the machine. No publicly known exploits are documented, but the exploit path is straightforward and reproducible as described in the advisory."}}}}, "created": "2026-04-22T18:30:23.754993+00:00", "updated": "2026-04-27T19:54:54.595383+00:00", "vendors": ["helios", "helios$PRODUCT$textpad", "textpad", "textpad$PRODUCT$textpad"]}