CVE-2025-49144
- Source
- https://cve.org/CVERecord?id=CVE-2025-49144
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49144.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-49144
- Aliases
-
- GHSA-9vx8-v79m-6m24
- Published
- 2025-06-23T19:01:16.276Z
- Modified
- 2026-02-26T19:34:35.137064Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path
- Details
-
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
- Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-272", "CWE-276", "CWE-427" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/49xxx/CVE-2025-49144.json" }- References
-
- https://drive.google.com/drive/folders/11yeUSWgqHvt4Bz5jO3ilRRfcpQZ6Gvpn
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/49xxx/CVE-2025-49144.json
- https://github.com/notepad-plus-plus/notepad-plus-plus/commit/f2346ea00d5b4d907ed39d8726b38d77c8198f30
- https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-9vx8-v79m-6m24
- https://nvd.nist.gov/vuln/detail/CVE-2025-49144
- https://www.vicarius.io/vsociety/posts/cve-2025-49144-detect-notepad-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-49144-detect-notepad-vulnerability-1
- https://www.vicarius.io/vsociety/posts/cve-2025-49144-mitigate-notepad-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-49144-mitigate-notepad-vulnerability-1
Affected packages
Git / github.com/notepad-plus-plus/notepad-plus-plus
Affected ranges
- Type
- GIT
- Repo
- https://github.com/notepad-plus-plus/notepad-plus-plus
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
7.*
7.2.2
7.3.1
Other
patch-1_#167
patch-2_#268
patch-3_#283
v6
v7
v8
v5.*
v5.4.2
v5.4.3
v5.4.4
v5.4.5
v5.5
v5.5.1
v5.6
v5.6.1
v5.6.2
v5.6.3
v5.6.4
v5.6.5
v5.6.6
v5.6.7
v5.6.8
v5.7
v5.8
v5.8.1
v5.8.2
v5.8.3
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.9
v5.9.1
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.6
v5.9.6.1
v5.9.6.2
v5.9.7
v5.9.8
v6.*
v6.1
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.2
v6.2.1
v6.2.2
v6.2.3_-_End_of_World_Edition
v6.3
v6.3.1
v6.3.2
v6.3.3
v6.4
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.5
v6.5.1
v6.5.2
v6.5.3
v6.5.4
v6.5.5
v6.6
v6.6.1
v6.6.2
v6.6.3
v6.6.4
v6.6.6_-_Friday_the_13th_edition
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7.1
v6.7.2
v6.7.3
v6.7.4_-_Je_suis_Charlie_edition
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.8.1
v6.7.8.2
v6.7.9
v6.7.9.1
v6.7.9.2
v6.8
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9.1
v6.9.2
v7.*
v7.1
v7.2
v7.2.1
v7.2.2
v7.3
v7.3.1
v7.3.2
v7.3.3
v7.4
v7.4.1
v7.4.2
v7.5
v7.5.1
v7.5.2
v7.5.3
v7.5.4
v7.5.5
v7.5.6
v7.5.7
v7.5.8
v7.5.9
v7.6
v7.6.1
v7.6.2
v7.6.3
v7.6.4
v7.6.5
v7.6.6
v7.7
v7.7.1
v7.8
v7.8.1
v7.8.2
v7.8.3
v7.8.4
v7.8.5
v7.8.6
v7.8.7
v7.8.8
v7.8.9
v7.9
v7.9.1
v7.9.2
v7.9.3
v7.9.4
v7.9.5
v8.*
v8.1
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.1.5
v8.1.6
v8.1.7
v8.1.8
v8.1.9
v8.1.9.1
v8.1.9.2
v8.1.9.3
v8.2
v8.2.1
v8.3
v8.3.1
v8.3.2
v8.3.3
v8.4
v8.4.1
v8.4.2
v8.4.3
v8.4.4
v8.4.5
v8.4.6
v8.4.7
v8.4.8
v8.4.9
v8.5
v8.5.1
v8.5.2
v8.5.3
v8.5.4
v8.5.5
v8.5.6
v8.5.7
v8.5.8
v8.6
v8.6.1
v8.6.2
v8.6.3
v8.6.4
v8.6.5
v8.6.6
v8.6.7
v8.6.8
v8.6.9
v8.7
v8.7.1
v8.7.2
v8.7.3
v8.7.4
v8.7.5
v8.7.6
v8.7.7
v8.7.8
v8.7.9
v8.8
v8.8.1
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2025-49144-39c82b77",
"target": {
"file": "PowerEditor/src/WinControls/AboutDlg/AboutDlg.cpp"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"73934179812655448165055737310699482624",
"85968448963209917242124120043006684639",
"172862223200600562710544336807765320670",
"301609101041233027849684726318785423858",
"174719166322487855964376375868070734674",
"247875542339173634363367183650461108957",
"99522975011803531364419316283400406538",
"221630942636909589364283828809168556562",
"144088549690105996214811181265758078282"
]
},
"signature_version": "v1",
"source": "https://github.com/notepad-plus-plus/notepad-plus-plus/commit/cc45875c60bbfdd10a9751f33b3f18fe8bb826a7"
},
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2025-49144-7616ebe8",
"target": {
"file": "PowerEditor/src/WinControls/AboutDlg/AboutDlg.cpp",
"function": "AboutDlg::run_dlgProc"
},
"digest": {
"length": 2275.0,
"function_hash": "79135054854521377136545161067915968907"
},
"signature_version": "v1",
"source": "https://github.com/notepad-plus-plus/notepad-plus-plus/commit/cc45875c60bbfdd10a9751f33b3f18fe8bb826a7"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49144.json"