VYPR
High severity7.0NVD Advisory· Published Mar 22, 2026· Updated Apr 30, 2026

CVE-2026-4546

CVE-2026-4546

Description

A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function in the library TextShaping.dll. Executing a manipulation can lead to uncontrolled search path. The attack is restricted to local execution. The attack requires a high level of complexity. The exploitability is said to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

2
  • cpe:2.3:a:flos-freeware:notepad2:4.2.25:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:flos-freeware:notepad2:4.2.25:*:*:*:*:*:*:*
    • (no CPE)range: = 4.2.25

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.