CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Cvelist•added 2026/02/03 12:50 a.m.•29 views

CVE-2025-15556 Notepad++ < 8.8.9 WinGUp Updater Lacks Update Integrity Verification

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...

7.7CVSS0.01268EPSS

Exploits0References5

CVE•added 2026/02/03 12:50 a.m.•47 views

CVE-2025-15556

The CVE concerns Notepad++ versions prior to 8.8.9 with the WinGUp updater. The root cause is that downloaded update metadata and installers are not cryptographically verified, allowing an attacker who can intercept or redirect update traffic to deliver and execute a malicious installer. This can...

7.7CVSS6.4AI score0.01268EPSS

In wildExploits0References7Affected Software1

ATTACKERKB•added 2026/02/03 12:50 a.m.•4 views

CVE-2025-15556

7.7CVSS6.4AI score0.01268EPSS

Exploits0References6

Vulnrichment•added 2026/02/03 12:50 a.m.•2 views

CVE-2025-15556 Notepad++ < 8.8.9 WinGUp Updater Lacks Update Integrity Verification

7.7CVSS6.4AI score0.01268EPSS

Exploits0References5

VulnCheck KEV•added 2026/02/02 12:0 a.m.•1 views

VulnCheck KEV: CVE-2025-15556

7.7CVSS6.4AI score0.01268EPSS

In wildExploits0References7

Positive Technologies•added 2025/12/09 12:0 a.m.•5 views

PT-2026-5735

Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.8.9 Description The Notepad++ WinGUp updater has a flaw in how it verifies the integrity of updates. This allows an attacker who can intercept or redirect update traffic to cause the updater to download and execut...

7.7CVSS6.7AI score0.01268EPSS

Exploits0References47