AI description
CVE-2025-15556 describes an update integrity verification vulnerability present in Notepad++ versions prior to 8.8.9. This flaw specifically affects the WinGUp updater component, which fails to cryptographically verify downloaded update metadata and installers. An attacker capable of intercepting or redirecting update traffic can exploit this vulnerability. By doing so, they can cause the WinGUp updater to download and execute a malicious, attacker-controlled installer. This ultimately results in arbitrary code execution with the privileges of the user.
- Description: Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download and execute an attacker-controlled installer, resulting in arbitrary code execution with the privileges of the user.
- Source: disclosure@vulncheck.com
- NVD status: Awaiting Analysis
CVSS 4.0
- Type: Secondary
- Base score: 7.7
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: HIGH
- disclosure@vulncheck.com
- CWE-494
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 15
CISA adds four known vulnerabilities to its catalog https://t.co/IcMspqhS2E CVE-2024-43468 Microsoft Configuration Manager SQL injection vulnerability CVE-2025-15556 Notepad++ download of code without integrity check vulnerability
@cloudsec_news
12 Feb 2026
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-15556 #Notepad++ Download of Code Without Integrity Check Vulnerability https://t.co/wcT0RLNwTt
@ScyScan
12 Feb 2026
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Microsoft vulnerability CVE-2024-43468, Notepad++ vulnerability CVE-2025-15556, SolarWinds vulnerability CVE 2025-40536, & Apple vulnerability CVE-2026-20700 to our KEV Catalog. Apply mitigations to protect your org from cyberattacks. https://t.co/myxOwap1Tf
@CISACyber
12 Feb 2026
3872 Impressions
23 Retweets
55 Likes
4 Bookmarks
0 Replies
1 Quote
‼️ CISA has added 3 vulnerabilities to the KEV Catalog CVE-2025-15556: Notepad++ Download of Code Without Integrity Check Vulnerability: Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to
@DarkWebInformer
12 Feb 2026
6826 Impressions
11 Retweets
54 Likes
18 Bookmarks
0 Replies
1 Quote
IoCs and detection rules for the Notepad++ supply chain attack (CVE-2025-15556) #notepadplusplus #notepad https://t.co/oUjpx55E0T
@renat0z3r0
9 Feb 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Notepad++ [—] Feb 05, 2026 Comprehensive Security Advisory on Hijacked Update Mechanism, CVE-2025-15556, and Ongoing Remediation Measures Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #CyberSecurity https://t.co/CXGTNZ4EXx
@transilienceai
5 Feb 2026
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-15556 Notepad++ WinGUp Updater Unverified Update Metadata Leads to Code... https://t.co/jIv5cx44OW Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
3 Feb 2026
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: !! #Notepad++: Compromise of the update infrastructure in the well-known text editor - CVE-2025-15556 Risk: 🔴 Type: 🔸 Arbitrary Code Execution 🔸 URL Redirection 🔗 https://t.co/OVzmgpHTJh 🔄 Updates available 🔄 https://t.co
@Vulcanux_
3 Feb 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
!! #Notepad++: Compromise of the update infrastructure in the well-known text editor - CVE-2025-15556 Risk: 🔴 Type: 🔸 Arbitrary Code Execution 🔸 URL Redirection 🔗 https://t.co/gGMYy4m9Sb 🔄 Updates available 🔄 https://t.co/6gdB42mDB
@csirt_it
3 Feb 2026
652 Impressions
0 Retweets
9 Likes
2 Bookmarks
0 Replies
1 Quote
CVE-2025-15556 Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installe… https://t.co/dLRQl1r4IY
@CVEnew
3 Feb 2026
171 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes