CVE-2026-25926 | notepad-plus-plus Notepad++ up to 8.9.1 explorer.exe untrusted search path (GHSA-rjvm-fcxw-2jxq)

Inserito da Angelo Barbosa | Feb 19, 2026 | CVE

A vulnerability labeled as problematic has been found in notepad-plus-plus Notepad++ up to 8.9.1. This affects an unknown part of the file explorer.exe. Executing a manipulation can lead to untrusted search path.

This vulnerability appears as CVE-2026-25926. The attack requires local access. There is no available exploit.

The affected component should be upgraded.

CVE-2026-25926 | notepad-plus-plus Notepad++ up to 8.9.1 explorer.exe untrusted search path (GHSA-rjvm-fcxw-2jxq)

Post correlati

CVE-2024-46902 | Trend Micro Deep Discovery Inspector sql injection (ZDI-24-1227)

CVE-2024-56003 | David Cramer Caldera SMTP Mailer Plugin up to 1.0.1 on WordPress authorization

CVE-2024-2558 | Tenda AC18 15.03.05.05 /goform/execCommand formexeCommand cmdinput stack-based overflow

CVE-2025-1113 | taisan tarzan-cms up to 1.0.0 Add Theme /admin#themes upload deserialization (IBHZ0J)