Unrated severityNVD Advisory· Published Sep 28, 2022· Updated May 21, 2025

notepad-plus-plus - DLL Hijacking

CVE-2022-32168

Description

Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.

Affected products

Notepad Plus Plus/Notepad Plus Plusv5
Range: v8.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/notepad-plus-plus/notepad-plus-plus/commit/85d7215d9b3e0d5a8433fc31aec4f2966821051emitrex_refsource_MISC
www.mend.io/vulnerability-database/CVE-2022-32168mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000