Notepad Plus Plus
CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-56383 | | High | 0.55 | 8.4 | 0.00 | | Sep 26, 2025 | Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by… |
| CVE-2026-3008 | | Medium | 0.43 | 6.6 | 0.00 | | Apr 27, 2026 | Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application. |
| CVE-2025-49144 | | High | 0.40 | 7.3 | 0.00 | | Jun 23, 2025 | Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker… |
| CVE-2026-5525 | | Medium | 0.32 | 6.0 | 0.00 | | Apr 10, 2026 | A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without… |
| CVE-2026-6539 | | Medium | 0.29 | 4.4 | 0.00 | | Apr 30, 2026 | Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language… |
| CVE-2025-15556 | | | 0.12 | — | 0.01 | KEV | Feb 3, 2026 | Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the… |
| CVE-2014-9456 | | | 0.04 | — | 0.11 | | Jan 2, 2015 | Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more information. |
| CVE-2007-2666 | | | 0.04 | — | 0.15 | | May 14, 2007 | Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a… |
| CVE-2026-25926 | | | 0.00 | — | 0.00 | | Feb 18, 2026 | Notepad++ is a free and open-source source code editor. An Unsafe Search Path vulnerability (CWE-426) exists in versions prior to 8.9.2 when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if an attacker can… |
| CVE-2023-6401 | | | 0.00 | — | 0.00 | | Nov 30, 2023 | A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421… |
| CVE-2023-47452 | | | 0.00 | — | 0.01 | | Nov 30, 2023 | An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. |
| CVE-2023-40166 | | | 0.00 | — | 0.00 | | Aug 25, 2023 | Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in `FileManager::detectLanguageFromTextBegining`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory… |
| CVE-2023-40164 | | | 0.00 | — | 0.01 | | Aug 25, 2023 | Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation… |
| CVE-2023-40036 | | | 0.00 | — | 0.00 | | Aug 25, 2023 | Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `CharDistributionAnalysis::HandleOneChar`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory… |
| CVE-2023-40031 | | | 0.00 | — | 0.00 | | Aug 25, 2023 | Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing… |
| CVE-2022-31902 | | | 0.00 | — | 0.01 | | Feb 1, 2023 | Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). |
| CVE-2022-31901 | | | 0.00 | — | 0.01 | | Jan 19, 2023 | Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. |
| CVE-2022-32168 | | | 0.00 | — | 0.01 | | Sep 28, 2022 | Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++. |
| CVE-2019-16294 | | | 0.00 | — | 0.10 | | Sep 14, 2019 | SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. |
| CVE-2008-3436 | | | 0.00 | — | 0.02 | | Aug 1, 2008 | The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. |