PT-2026-20553 · Tabnine · Notepad++

Mariorl0 · Published 2026-02-16 · Updated 2026-03-10 · CVE-2026-25926

CVSS v3.1: 7.3 (High), AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Notepad++ versions prior to 8.9.2

Description

Notepad++ is a free and open-source source code editor. An Unsafe Search Path issue (CWE-426) exists when launching Windows Explorer without an absolute executable path. This could allow execution of a malicious explorer.exe if an attacker can control the process working directory. Under certain conditions, this could lead to arbitrary code execution in the context of the running application. The vulnerability was exploited in attacks where malicious actors targeted the update mechanism to distribute malware, such as Chrysalis. The update mechanism now verifies file signatures and XML file signatures from update servers to prevent data tampering and malicious DLL loading.

Recommendations

Update Notepad++ to version 8.9.2 or later.
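
A detection sketch for the condition in the description, added here as an example and not taken from Notepad++ or the advisory: it flags process-creation events where notepad++.exe starts an explorer.exe that is not the Windows copy. Field names follow Sysmon Event ID 1; the events, the user paths and the C:\Windows install root are constructed assumptions.

```python
import ntpath

# Assumption: Windows is installed under C:\Windows (default %SystemRoot%).
TRUSTED_EXPLORER = {
    ntpath.normcase(r"C:\Windows\explorer.exe"),
    ntpath.normcase(r"C:\Windows\SysWOW64\explorer.exe"),
}

def _norm(path):
    # Case-insensitive, separator-normalised Windows path (works on any OS).
    return ntpath.normcase(ntpath.normpath(path))

def find_untrusted_explorer(events, parent_name="notepad++.exe"):
    """Return findings for explorer.exe started by parent_name from an untrusted path."""
    hits = []
    for ev in events:
        image = _norm(ev["Image"])
        if ntpath.basename(_norm(ev["ParentImage"])) != parent_name:
            continue
        if ntpath.basename(image) != "explorer.exe" or image in TRUSTED_EXPLORER:
            continue
        hits.append({
            "image": ev["Image"],
            # True when the binary sits in the recorded working directory,
            # the search-path resolution the description refers to.
            "from_cwd": ntpath.dirname(image) == _norm(ev["CurrentDirectory"]),
        })
    return hits

# Constructed sample events (not real telemetry).
NPP = r"C:\Program Files\Notepad++\notepad++.exe"
CWD = "C:\\Users\\alice\\Downloads\\project\\"
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\explorer.exe", "ParentImage": NPP, "CurrentDirectory": CWD},
    {"Image": r"c:\windows\EXPLORER.EXE", "ParentImage": NPP, "CurrentDirectory": CWD},
    {"Image": CWD + "explorer.exe", "ParentImage": NPP, "CurrentDirectory": CWD},
    {"Image": r"C:\Temp\explorer.exe", "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CurrentDirectory": "C:\\Temp\\"},
]

if __name__ == "__main__":
    for hit in find_untrusted_explorer(SAMPLE_EVENTS):
        print(hit)
```

The last sample event is skipped only because its parent is not notepad++.exe; pass a different `parent_name` to apply the same check to other launchers.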

Exploit

Fix

Weakness Enumeration

Uncontrolled Search Path Element
Untrusted Search Path

Related Identifiers

BDU:2026-02029
CVE-2026-25926
GHSA-RJVM-FCXW-2JXQ

Affected Products

Notepad++