AI description
CVE-2025-49144 is a privilege escalation vulnerability found in Notepad++ version 8.8.1 and prior. It stems from the installer's insecure handling of executable search paths, which could allow an attacker to gain SYSTEM-level privileges. The vulnerability exists because the installer searches for executable dependencies in the current working directory without proper validation. An attacker could exploit this by using social engineering or clickjacking to trick a user into downloading both the legitimate Notepad++ installer and a malicious executable into the same directory (often the Downloads folder). When the user runs the installer, the malicious executable would be loaded and executed with SYSTEM privileges, granting the attacker control over the system. This issue has been addressed in Notepad++ version 8.8.2 by enforcing absolute paths for critical operations.
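An added example (not from the advisory or the Notepad++ project): a defender-side check for the condition described above, a file in a user-writable folder that shadows a system binary name, together with an absolute-path helper lookup of the kind the fix enforces. The function names and the fallback name list are assumptions; `regsvr32.exe` is the helper named in posts on this page.

```python
import hashlib
import os
from pathlib import Path

# Constructed fallback for hosts without System32. regsvr32.exe is the helper
# named in posts on this page; the other names are illustrative assumptions.
FALLBACK_SYSTEM_NAMES = {"regsvr32.exe", "rundll32.exe", "msiexec.exe", "cmd.exe"}


def system_binary_names(system_dir=None):
    """Lower-cased names of the .exe files in System32, or the fallback set."""
    default = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"), "System32")
    root = Path(system_dir or default)
    if root.is_dir():
        return {p.name.lower() for p in root.iterdir() if p.suffix.lower() == ".exe"}
    return set(FALLBACK_SYSTEM_NAMES)


def find_planted_binaries(directory, system_names):
    """Flag files in a user-writable directory whose name shadows a system binary."""
    findings = []
    for entry in sorted(Path(directory).iterdir()):
        if entry.is_file() and entry.name.lower() in system_names:
            digest = hashlib.sha256(entry.read_bytes()).hexdigest()
            findings.append({"path": str(entry), "name": entry.name.lower(), "sha256": digest})
    return findings


def resolve_helper(name, system_dir):
    """Hardened lookup: accept a bare file name only and pin it to system_dir."""
    if not name or name in (".", "..") or any(sep in name for sep in "/\\:"):
        raise ValueError(f"helper must be a bare file name, got {name!r}")
    candidate = Path(system_dir) / name
    if not candidate.is_file():
        raise FileNotFoundError(str(candidate))
    return str(candidate.resolve())


if __name__ == "__main__":
    downloads = Path.home() / "Downloads"  # the directory the advisory singles out
    if downloads.is_dir():
        for hit in find_planted_binaries(downloads, system_binary_names()):
            print(f"{hit['path']} shadows {hit['name']} sha256={hit['sha256']}")
```

Any hit in a Downloads folder is worth triaging before an installer is run from that folder; the SHA-256 is included so the file can be compared with the genuine system binary.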
- Description
- Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-272
- Hype score
- Not currently trending
⚠️ Weekly vuln radar. https://t.co/Cd6L8AD6Bt – spot what’s trending before it’s everywhere: CVE-2025-29824 CVE-2025-6543 CVE-2025-20337 CVE-2025-6558 (via @_clem1) CVE-2025-49144 CVE-2025-24985 CVE-2025-20274 CVE-2025-23266 (via @nirohfeld @shirtamari) CVE-2021-41773
@ptdbugs
18 Jul 2025
129 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Important security announcement for all Notepad++ users: A serious vulnerability—tracked as CVE-2025-49144—has been discovered not in the editor itself, but in its installer https://t.co/mEoOrmH4lu
@Salsa12__
15 Jul 2025
52 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2025-49144 is a high-severity local privilege escalation vulnerability found in the Notepad++ v8.8.1 and prior version installers. This vulnerability stems from uncontrolled executable search path behavior during installation, allowing a local attacker to gain SYSTEM-level ht
@CyberPentestLab
13 Jul 2025
45 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A recently disclosed vulnerability, CVE-2025-49144, turns this everyday Windows tool into a privilege escalation vector. 🔍 Explore this breakdown of how it works and what you can do to detect and defend against it. Read more ➡️ https://t.co/jqbUkLTmHR #ThreatResearch ht
@cyberproofinc
10 Jul 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
😈🗡️ Villain of the Week 🗡️😈 A high-severity vulnerability, CVE-2025-49144, has been identified in Notepad++, a widely-used open-source text editor. This flaw allows attackers to achieve privilege escalation by abusing the installer's insecure search path behavior
@vicariusltd
2 Jul 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
😈🗡️ Villain of the Week 🗡️😈 A high-severity vulnerability, CVE-2025-49144, has been identified in Notepad++, a widely-used open-source text editor. This flaw allows attackers to achieve privilege escalation by abusing the installer's insecure search path behavior
@vicariusltd
2 Jul 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC notepad++ cve-2025-49144 https://t.co/AHTqH5nHDZ
@Error400cl
1 Jul 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: La Settimana Cibernetica of 29 June 2025 🔹 updates for several products 🔹 Notepad++: public PoC for exploiting CVE-2025-49144 🔹 Internet-connected IoT devices and remote access services: risks and mitigations … https://t.co/9qK
@Vulcanux_
30 Jun 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
La Settimana Cibernetica of 29 June 2025 🔹 updates for several products 🔹 Notepad++: public PoC for exploiting CVE-2025-49144 🔹 Internet-connected IoT devices and remote access services: risks and mitigations ⚠️ #EPSS 🔗 https://t.c
@csirt_it
30 Jun 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Proof of Concept (PoC) that exploits the CVE-2025-49144 vulnerability in the Notepad++ 8.8.1 installer. - https://t.co/CiJeC3X4po
@B0ySie7e
29 Jun 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144: Notepad++ Privilege Escalation Vulnerability Credit: https://t.co/qek87331yd PoC: https://t.co/HY2sRHJDO7 https://t.co/FWvN60zZvC
@DarkWebInformer
27 Jun 2025
4802 Impressions
12 Retweets
94 Likes
44 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼ #Notepad++: a #PoC is available for exploiting CVE-2025-49144, which affects the installer of the well-known text editing tool Risk: 🟠 Type: 🔸 Privilege Escalation 🔗 https://t.co/5dWyMJlS56 🔄 Updates available 🔄 https://t.c
@Vulcanux_
27 Jun 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 is a high-severity local privilege escalation flaw in Notepad++ v8.8.1 and earlier installers. It allows a local attacker to gain SYSTEM privileges by exploiting an uncontrolled search path, placing malicious executables alongside the installer.” https://t.co/y65
@hack_sparo
27 Jun 2025
6361 Impressions
16 Retweets
150 Likes
59 Bookmarks
3 Replies
0 Quotes
🚨Notepad++ Users: Act Now! CVE-2025-49144 exposes systems to privilege escalation, granting attackers full control. Affects installer versions ≤ v8.8.1. Update immediately to secure your environment! 🔐 #NotepadPlusPlus #Cybersecurity 🔗 Learn more: https://t.co/3Ke58
@CyberWolfGuard
26 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Flaw in Notepad++ installer could grant attackers SYSTEM access CVE-2025-49144, A high-severity vulnerability in Notepad++ installer versions up to v8.8.1 allows local privilege escalation via insecure executable search paths. Attackers can trick users into placing a malicious h
@dCypherIO
26 Jun 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 : PoC of Local privilege escalation vulnerability found in the Notepad++ v8.8.1 and prior version installers. https://t.co/ymDMExCywq https://t.co/BDEGZC2vGP
@HackingTeam777
26 Jun 2025
1630 Impressions
3 Retweets
22 Likes
13 Bookmarks
0 Replies
0 Quotes
🚨 New Detection Rule: CVE-2025-49144 - Notepad++ LPE via regsvr32 Hijack Here is a Sigma rule for detecting exploitation attempts of CVE-2025-49144 (CVSS 7.3), a local privilege escalation in Notepad++ (<= v8.8.1). https://t.co/0RkItFdxDt https://t.co/c8EtTw9ZGP
@_swachchhanda_
26 Jun 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A newly discovered critical vulnerability, CVE-2025-49144, in Notepad++ could allow attackers to gain full system control through a supply-chain attack. The flaw in v8.8.1’s installer searches insecurely, enabling malicious actors to exploit it easily. https://t.co/sBbAAGZ6wv
@The4n6Analyst
26 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 : PoC of the local privilege escalation vulnerability found in the Notepad++ v8.8.1 and prior version installers https://
@freedomhack101
26 Jun 2025
91 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 Vulnerability: Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover @theluemmel https://t.co/RNu9W1qWDS https://t.co/NAoVCegE3s
@freedomhack101
26 Jun 2025
215 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) https://t.co/VvtunDhL5n
@zoo_mind
26 Jun 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📝 A flaw in the Notepad++ installer (CVE-2025-49144) could let attackers gain system-level access. If you’ve installed recently, review your setup and patch ASAP. #InstallerRisk #PrivilegeEscalation ⚙️🚨 https://t.co/sPhLUjJJMt
@manuelbissey
26 Jun 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 Vulnerability: Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover Cc @theluemmel https://t.co/aIItOnSo2e https://t.co/n9oK23xQPv
@InayatRajChohan
26 Jun 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
you... need admin to run the installer... this is not EoP in any way - am I missing something? CVE-2025-49144 https://t.co/VsBfm522QM
@AzakaSekai_
26 Jun 2025
8284 Impressions
6 Retweets
140 Likes
26 Bookmarks
6 Replies
0 Quotes
GitHub - TheTorjanCaptain/CVE-2025-49144_PoC: CVE-2025-49144 PoC for security researchers to test and try. - https://t.co/zOR5DiuYHh
@piedpiper1616
26 Jun 2025
1571 Impressions
11 Retweets
22 Likes
12 Bookmarks
1 Reply
0 Quotes
CVE-2025-49144 says to update to 8.8.2, but it is not available · Issue #16744 · notepad-plus-plus/notepad-plus-plus The Notepad++ installer (v8.8.1 and earlier) has a binary planting weakness; placing a malicious file in the same folder
@shampoo_101_
25 Jun 2025
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 New PoC drop: CVE-2025-49144 Notepad++ (≤v8.8.1) installer lets attackers gain SYSTEM privileges via fake regsvr32.exe in the Downloads folder. 💥 Local Priv Esc 🛠️ Full working PoC 📎 GitHub: https://t.co/exwHtw2uzU #CyberSecurity #CVE #NotepadPlusPlus
@torjancaptain
25 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144: An elevation of privilege "vulnerability" Requirement: You need to execute installer as admin 🤣🤣🤣
@filip_dragovic
25 Jun 2025
33023 Impressions
33 Retweets
473 Likes
62 Bookmarks
14 Replies
5 Quotes
A vulnerability in the popular text editor notepad++, tracked as cve-2025-49144, with reports of a poc available online. The cve received a score of 7.3 in cvss3 and concerns a risk of local privilege escalation to user-level permissions
@NirRoitman
25 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability in the popular text editor notepad++, tracked as cve-2025-49144, with reports of a poc available online. The cve received a score of 7.3 in cvss3 and concerns a risk of local privilege escalation to user-level permissions
@NirRoitman
25 Jun 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerability in Notepad++ ❗CVE-2025-49144 ➡️More info: https://t.co/kkujvAerca https://t.co/U24zcddkbX
@CERTpy
25 Jun 2025
152 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 - Notepad++ 8.8.1 Binary Planting (regsvr32.exe) #CyberSecurity #exploit #0day #CVE #poc #cti #vulnerable #malware https://t.co/laRb3JuH6p
@cx0_s55068
25 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Notepad++ vulnerability (CVE-2025-49144) allows privilege escalation & SYSTEM access! Exploit PoC available. Update to v8.8.2 ASAP & restrict installs. Full details & mitigation steps here: 🛡️ #Cybersecurity #NotepadPlusPlus #Vulnerability https:/
@fernandokarl
25 Jun 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Vulnerability Alert: #CVE-2025-49144 in #Version 881 https://t.co/ilrubZvaT7 Educational Purposes!
@UndercodeUpdate
25 Jun 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
You should probably not use this version. 8.8.1 CVE-2025-49144 https://t.co/CkvRsymbwT
@theluemmel
25 Jun 2025
21933 Impressions
25 Retweets
211 Likes
121 Bookmarks
4 Replies
4 Quotes
📣 Here is the cybersecurity alert for today, Tuesday 24 June. ⚠️ The vulnerability CVE-2025-49144 has been identified, which affects Notepad++, a popular free and open-source source code editor, in versions 8.8.1 and earlier. This issue has already
@PeruPaisDigital
25 Jun 2025
252 Impressions
1 Retweet
2 Likes
0 Bookmarks
1 Reply
0 Quotes
⚠️ New Notepad++ Flaw (CVE-2025-49144) A critical installer bug in v8.8.1 allows SYSTEM-level access via binary planting. 💣 PoC released — patch now to v8.8.2! 🔗 Read more: https://t.co/6B6luv4mwt #CyberSecurity #NotepadPlusPlus #CVE202549144 #PrivilegeEscalation #te
@techpio_team
24 Jun 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical CVE-2025-49144 vulnerability in Notepad++ v8.8.1 allows privilege escalation to SYSTEM, risking full system control through malicious binaries in installer search paths. Updating to v8.8.2 is crucial. 🚨 #Security #Vulnerability #USA https://t.co/SLkYvye9eg
@TweetThreatNews
24 Jun 2025
47 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 - Notepad++ Vulnerability Allows Full System Takeover In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable paths #notepad http
@NullSecurityX
24 Jun 2025
5583 Impressions
8 Retweets
27 Likes
20 Bookmarks
0 Replies
3 Quotes
🔍 Breaking: CVE-2025-49144 Exposed! 🚨 Notepad++ v8.8.1 Binary Planting Vulnerability Explained 🔒🛡️ 🧐 Read the full breakdown & secure your systems: https://t.co/s4rBeoJtiC #CyberSecurity #NotepadPlusPlus #InfoSec https://t.co/jYHZkidEwf
@BaseFortify
24 Jun 2025
95 Impressions
1 Retweet
2 Likes
0 Bookmarks
1 Reply
0 Quotes
Notepad++ v8.8.1 has a privilege escalation bug (CVE-2025-49144). Attackers can get SYSTEM access via binary planting during install. Update to v8.8.2 now. #cybersecurityawareness
@junaid_nihal
24 Jun 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer tha… https://t.co/fiTMbg6QP2
@CVEnew
23 Jun 2025
6246 Impressions
1 Retweet
16 Likes
4 Bookmarks
0 Replies
1 Quote