It looks like the exploit would cause notepad to retrieve and execute arbitrary code when a malicious link is clicked.

The worst part of enshittification is all these search tools erring on the side of too many results than not enough.