CVE-2026-46710

Source
https://cve.org/CVERecord?id=CVE-2026-46710
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46710.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46710
Aliases
  • GHSA-6f8f-vmfc-r8c5
Published
2026-06-26T20:16:16.022Z
Modified
2026-07-15T01:49:16.968326722Z
Severity
  • 7.5 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Notepad++: Privilege Escalation in the Installer via Uncontrolled Executable Search Path
Details

Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the installation contextMenu directory. If an attacker can pre-place a malicious powershell.exe in a user-writable custom installation directory, and a privileged user later runs the installer and selects that directory, the attacker-controlled executable is launched with the elevated privileges of the installer. This vulnerability is fixed in 8.9.6.

Database specific
{
    "cwe_ids": [
        "CWE-426"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46710.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/notepad-plus-plus/notepad-plus-plus

Affected ranges

Type
GIT
Repo
https://github.com/notepad-plus-plus/notepad-plus-plus
Events
Database specific
{
    "cpe": "cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "8.9.4"
        },
        {
            "fixed": "8.9.6"
        }
    ],
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

v8.*
v8.9.4
v8.9.5

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46710.json"