A recently discovered Notepad++ vulnerability (CVE-2025-49144) allows attackers to gain system-level privileges. Severity level: CVSS Score: 7.3/High Description: Notepad++ is a free and open-source source code editor. A privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory. Affected Versions: 8.8.1 and prior. Impact: Successful exploitation allows full control of the systems. Resolution: Update to the version 8.8.2.
