PT-2026-26976 · Flos+1 · Notepad2+1

Haehanse

Publicado

2026-03-22

Atualizado

2026-04-30

CVE-2026-4545

CVSS v3.1

7.0

Alta

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Flos Freeware Notepad2 version 4.2.25

Description A security flaw exists in Flos Freeware Notepad2 that involves an uncontrolled search path within the PROPSYS.dll library. Exploitation requires local access and is considered difficult. The issue involves manipulation of an unknown function within the library. The vendor was contacted regarding this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Uncontrolled Search Path Element

Untrusted Search Path

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427CWE-426

Identificadores relacionados

CVE-2026-4545

Produtos afetados

Notepad2

Propsys.Dll

PT-2026-26976 · Flos+1 · Notepad2+1

CVE-2026-4545

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9