CNNVD-202506-2980 Information

CNNVD ID

CNNVD-202506-2980

Related CVE

CVE-2025-49144

• CNNVD Published: 2025-06-23

Description (Chinese)

Notepad++是中国台湾侯今吾（Don Ho）个人开发者的一款开源的纯文本编辑器。 Notepad++ 8.8.1及之前版本存在安全漏洞，该漏洞源于安装程序存在不安全可执行文件搜索路径导致权限提升。

Description (English)

Notepad++ is an open-source text editor for Don Ho, a personal developer in Taiwan. There is a security loophole in the notepad++8.8.1 and earlier versions, which results from the installation of an unsafe, implementable file search path leading to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-06-23

Last Modified

2026-02-24

References

https://github.com/notepad-plus-plus/notepad-plus-plus/commit/f2346ea00d5b4d907ed39d8726b38d77c8198f30 https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-9vx8-v79m-6m24 https://drive.google.com/drive/folders/11yeUSWgqHvt4Bz5jO3ilRRfcpQZ6Gvpn https://access.redhat.com/security/cve/cve-2025-49144 https://vigilance.fr/vulnerability/Notepad-privilege-escalation-via-Regsvr32-exe-Search-Path-47487