Exploit for CVE-2025-49144

CVE-2025-49144PoC 📌 CVE-2025-...

CVE-2025-49144

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

Notepad++ <= 8.8.1 Privilege Escalation Vulnerability

Notepad++ is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-49144

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144 Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144 Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144 Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144

CVE-2025-49144 affects Notepad++ installers prior to 8.8.2 (notably v8.8.1). Root cause: insecure executable search paths allow a local attacker to execute a malicious binary (e.g., regsvr32.exe) placed in the same directory as the installer (commonly Downloads), yielding SYSTEM-level privileges ...

Notepad++ 安全漏洞

Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++ 8.8.1 and earlier versions, which is caused by an elevation of privilege in the installer due to an insecure executable search path...

Notepad Next 缓冲区错误漏洞

Notepad Next is a notepad program by dail8859 individual developer. A buffer error vulnerability exists in Notepad Next v0.11 and earlier versions, which stems from out-of-bounds writes to the ldebug.C and lvm.C files...

KLA85380 PE vulnerability in Notepad++

Privilege escalation vulnerability was found in Notepad++. Malicious users can exploit this vulnerability to execute arbitrary code, gain privileges. Original advisories GHSA-9vx8-v79m-6m24 CVE-2025-49144 Exploitation Public exploits exist for this vulnerability. Related products Notepad++ CVE li...

Notepad Next 缓冲区错误漏洞

Notepad Next is a notepad program by dail8859 individual developer. A buffer error vulnerability exists in Notepad Next v0.11 and earlier versions, which stems from an out-of-bounds read in the lparser.C file, which may result in an over-read of the heap buffer...

PT-2025-27024 · Don Ho · Notepad++

Уязвимость установщика текстового редактора Notepad++ связана с недостатками разграничения доступа в результате неконтролируемого элемента пути поиска. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии и записывать произвольные файлы...

PT-2025-26637

Name of the Vulnerable Software and Affected Versions Notepad++ versions 8.8.1 and prior Description Notepad++ is a free and open-source source code editor. A privilege escalation flaw exists in the Notepad++ installer versions 8.8.1 and prior due to insecure executable search paths. This allows...

Exploit for Uncontrolled Search Path Element in Notepad-Plus-Plus Notepad\+\+

⚠️ IMPORTANT NOTICE: For security research and educational p...

CVE-2024-42036

Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2023-0909

A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. This affects an unknown part of the component Directory Comparison Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The associated identifier of this...

CVE-2023-47452

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory...

CVE-2023-34159

Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affects availability and confidentiality...

CVE-2023-40031

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf816Read::convert. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++...