Notepad ++

Notepad++ exploit

CVE-2025-49144

Privilege Escalation

The vulnerability affects the Notepad++ v8.8.1 installer released on May 5, 2025, exploiting an uncontrolled executable search path that enables local privilege escalation attacks.

Attackers can place a malicious executable, such as a compromised regsvr32.exe, in the same directory as the Notepad++ installer, by default Download folder.

Interesting Books

Interesting Books

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

Support this Gitbook

I hope it helps you as much as it has helped me. If you can support me in any way, I would deeply appreciate it.

Last updated