Privilege Escalation in Notepad++ Installer Affects Multiple Users
CVE-2025-49144

7.3 HIGH

Key Information:

Vendor
CVE Published: 23 June 2025

What is CVE-2025-49144?

A privilege escalation vulnerability exists in the Notepad++ installer in versions up to 8.8.1. It allows unprivileged users to elevate their privileges to SYSTEM level through insecure executable search paths. An attacker may exploit this by using social engineering or clickjacking to trick users into downloading the legitimate Notepad++ installer alongside a malicious executable into the same susceptible directory, such as the Downloads folder. When the installer is executed, it inadvertently runs the malicious file with elevated privileges, posing a significant security risk. The issue has been addressed, and the fix will be released in the upcoming Notepad++ version 8.8.2.
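A pre-install check for the scenario described above, as an added example that is not part of the advisory or of Notepad++: it lists executable-type files that share a directory with a downloaded installer and copies the installer alone into a fresh, empty directory before it is run. It assumes the unsafe lookup resolves from the directory the installer is launched from; the function names and the extension list are hypothetical choices made for this example.

```python
import shutil
import tempfile
from pathlib import Path

# Constructed list of file types Windows will execute or load (assumption).
RISKY_EXTENSIONS = {".exe", ".dll", ".com", ".bat", ".cmd", ".msi", ".scr"}


def colocated_binaries(installer: Path) -> list[Path]:
    """Return executable-type files sitting next to the installer."""
    installer = installer.resolve()
    return sorted(
        p for p in installer.parent.iterdir()
        if p.is_file()
        and p.suffix.lower() in RISKY_EXTENSIONS
        and p.resolve() != installer
    )


def stage_installer(installer: Path) -> Path:
    """Copy the installer alone into a fresh, empty, per-user directory."""
    staging = Path(tempfile.mkdtemp(prefix="installer-stage-"))
    staged = Path(shutil.copy2(installer, staging))
    # The staging directory must hold nothing but the installer itself.
    if colocated_binaries(staged):
        raise RuntimeError(f"staging directory {staging} is not clean")
    return staged


def prepare(installer: Path) -> tuple[Path, list[Path]]:
    """Report neighbours that could be picked up, and return a clean copy."""
    neighbours = colocated_binaries(installer)
    return stage_installer(installer), neighbours


if __name__ == "__main__":
    import sys

    staged, neighbours = prepare(Path(sys.argv[1]))
    for n in neighbours:
        print(f"WARNING: {n} shares a directory with the installer")
    print(f"Run the installer from: {staged}")
```

Any file reported as a neighbour in a shared download directory deserves review before the installer is launched from that location.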

Affected Version(s)

notepad-plus-plus < 8.8.2

CVSS V3.1

Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
