CVE-2026-25926 | notepad-plus-plus Notepad++ up to 8.9.1 explorer.exe untrusted search path (GHSA-rjvm-fcxw-2jxq)

Inserito da Angelo Barbosa | Feb 19, 2026 | CVE

A vulnerability labeled as problematic has been found in notepad-plus-plus Notepad++ up to 8.9.1. This affects an unknown part of the file explorer.exe. Executing a manipulation can lead to untrusted search path.

This vulnerability appears as CVE-2026-25926. The attack requires local access. There is no available exploit.

The affected component should be upgraded.

CVE-2026-25926 | notepad-plus-plus Notepad++ up to 8.9.1 explorer.exe untrusted search path (GHSA-rjvm-fcxw-2jxq)

Post correlati

CVE-2024-7607 | Front End Users Plugin up to 3.2.28 on WordPress sql injection

CVE-2024-53034 | Qualcomm Snapdragon Compute FastConnect 6900 up to WSA8845 Kernel Mode CPU untrusted pointer dereference

CVE-2025-68906 | JNews Plugin up to 11.0.2 on WordPress cross site scripting

CVE-2024-43853 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 cpuset proc_cpuset_show use after free