anonhaven
Ad

CVE-2025-15556

HIGH CVSS 4.0: 7.7 EPSS 5.33% ACTIVE EXPLOIT
Updated Feb 03, 2026
Notepad

CISA Known Exploited Vulnerability (KEV)

This vulnerability is actively exploited in the wild. Immediate patching is strongly recommended.

Due Date: Mar 05, 2026

Parameter Value
CVSS 7.7 (HIGH)
Affected Versions before 8.8.9
Type CWE-494
Vendor Notepad
Public PoC No

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download and execute an attacker-controlled installer, resulting in arbitrary code execution with the privileges of the user.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
High
Difficult to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
Passive
Minimal interaction

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-494

References 5

https://community.notepad-plus-plus.org/topic/27298/notepad-v8-8-9-vulnerabilit…
disclosure@vulncheck.com
https://github.com/notepad-plus-plus/notepad-plus-plus/commit/bcf2aa68ef414338d…
disclosure@vulncheck.com
https://github.com/notepad-plus-plus/wingup/commit/ce0037549995ed0396cc363544d1…
disclosure@vulncheck.com
https://notepad-plus-plus.org/news/hijacked-incident-info-update/
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/notepad-plus-plus-wingup-updater-lacks-upd…
disclosure@vulncheck.com
Share Post Share Share Share