CNNVD-202602-526 Information
CNNVD ID
CNNVD-202602-526
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Notepad++是中国台湾侯今吾(Don Ho)个人开发者的一款开源的纯文本编辑器。 Notepad++ 8.8.9之前版本存在安全漏洞,该漏洞源于使用WinGUp更新器时更新完整性验证不足,可能导致执行任意代码。
Description (English)
Notepad++ is an open-source text editor for Don Ho, a personal developer in Taiwan. There was a security loophole in the pre-Reepad++8.8.9 version, which resulted from inadequate completeness verification updates when using WinGup upgrades, which could lead to the implementation of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-02-03
Last Modified
2026-02-24
References
https://community.notepad-plus-plus.org/topic/27298/notepad-v8-8-9-vulnerability-fix https://github.com/notepad-plus-plus/notepad-plus-plus/commit/bcf2aa68ef414338d717e20e059459570ed6c5ab https://github.com/notepad-plus-plus/wingup/commit/ce0037549995ed0396cc363544d14b3425614fdb https://notepad-plus-plus.org/news/hijacked-incident-info-update/ https://www.vulncheck.com/advisories/notepad-plus-plus-wingup-updater-lacks-update-integrity-verification
Patch
https://notepad-plus-plus.org/downloads/
Share on: