Update Integrity Verification Vulnerability in Notepad++ by Notepad++
CVE-2025-15556

7.7HIGH

Key Information:

Vendor: Notepad-plus-plus
Status: Notepad-plus-plus
Vendor: CVE Published:; 3 February 2026

🔔 Create Notepad-plus-plus Vulnerability Alert

Badges

👾 Exploit Exists🦅 CISA Reported

What is CVE-2025-15556?

Notepad++ versions prior to 8.8.9, when utilizing the WinGUp updater, exhibit a significant vulnerability where the integrity of update metadata and installers is not subjected to cryptographic verification. This flaw allows an attacker to intercept or alter update traffic, leading to the potential for malicious installers to be downloaded and executed. Consequently, this may result in arbitrary code execution under the privileges of the user, posing a serious security risk to affected systems.

CISA has reported CVE-2025-15556

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-15556 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch