vulnerability
NotepadPlusPlus: CVE-2025-56383: Uncontrolled Search Path Element
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Sep 26, 2025 | Oct 13, 2025 | Nov 21, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Sep 26, 2025
Added
Oct 13, 2025
Modified
Nov 21, 2025
Description
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary unprivileged users.
Solution
notepadplusplus-notepadplusplus-upgrade-latest
References
- CWE-427
- CVE-2025-56383
- https://attackerkb.com/topics/CVE-2025-56383
- URL-https://github.com/notepad-plus-plus/notepad-plus-plus
- URL-https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept
- URL-https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept/issues/1
- URL-https://www.vicarius.io/vsociety/posts/cve-2025-56383-detect-notepad-vulnerability
- URL-https://www.vicarius.io/vsociety/posts/cve-2025-56383-mitigate-notepad-vulnerability
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.