{"id":2584,"date":"2026-02-06T11:53:58","date_gmt":"2026-02-06T16:53:58","guid":{"rendered":"https:\/\/www.yorku.ca\/uit\/infosec\/?p=2584"},"modified":"2026-02-06T11:54:01","modified_gmt":"2026-02-06T16:54:01","slug":"notepad-vulnerability-cve-2025-15556","status":"publish","type":"post","link":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/","title":{"rendered":"Notepad ++ Vulnerability (CVE-2025-15556)"},"content":{"rendered":"\n<p>A recently discovered Notepad++ vulnerability (CVE\u20112025\u201115556) allows attackers to execute arbitrary code by exploiting insecure update integrity verification.<\/p>\n\n\n\n<p><strong>Severity level<\/strong><strong>&nbsp;<\/strong><\/p>\n\n\n\n<p>CVSS Score: 7.7\/high<\/p>\n\n\n\n<p><strong>Description<\/strong>:- \u00a0Notepad++ is a free and open-source source code editor. A vulnerability exists in Notepad++ versions prior to 8.8.9 involving the WinGUp updater, which fails to cryptographically verify downloaded update metadata and installer files. An attacker who can intercept or redirect update traffic may fraudulently supply a malicious installer that the updater will download and run. This can result in arbitrary code execution with the privileges of the user, potentially compromising the system. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory.\u00a0<\/p>\n\n\n\n<p><strong>Affected Versions\u00a0:-\u00a0 \u00a0<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>All versions prior to 8.8.9.<\/li>\n<\/ul>\n\n\n\n<p><strong>Impact:-<\/strong><\/p>\n\n\n\n<p>Successful exploitation enables attackers to execute arbitrary code potentially leading to compromise of affected systems.<\/p>\n\n\n\n<p><strong>Resolution:-<\/strong><\/p>\n\n\n\n<p>Update to the version 8.8.9 or later.<\/p>\n\n\n\n<p>Reference:-<\/p>\n\n\n\n<p><a href=\"https:\/\/notepad-plus-plus.org\/news\/hijacked-incident-info-update\">https:\/\/notepad-plus-plus.org\/news\/hijacked-incident-info-update<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-15556\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-15556<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.tenable.com\/cve\/CVE-2025-15556\">https:\/\/www.tenable.com\/cve\/CVE-2025-15556<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.tenable.com\/blog\/frequently-asked-questions-about-notepad-supply-chain-compromise\">https:\/\/www.tenable.com\/blog\/frequently-asked-questions-about-notepad-supply-chain-compromise<\/a><\/p>\n\n\n\n<p>UIT Information&nbsp;Security<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recently discovered Notepad++ vulnerability (CVE\u20112025\u201115556) allows attackers to execute arbitrary code by exploiting insecure update integrity verification. Severity level&nbsp; CVSS Score: 7.7\/high Description:- \u00a0Notepad++ is a free and open-source source code editor. A vulnerability exists in Notepad++ versions prior to 8.8.9 involving the WinGUp updater, which fails to cryptographically verify downloaded update metadata and [&hellip;]<\/p>\n","protected":false},"author":2694,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","ngg_post_thumbnail":0,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-2584","post","type-post","status-publish","format-standard","hentry","category-vulnerabilities"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Notepad ++ Vulnerability (CVE-2025-15556) - Information Security<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Notepad ++ Vulnerability (CVE-2025-15556) - Information Security\" \/>\n<meta property=\"og:description\" content=\"A recently discovered Notepad++ vulnerability (CVE\u20112025\u201115556) allows attackers to execute arbitrary code by exploiting insecure update integrity verification. Severity level&nbsp; CVSS Score: 7.7\/high Description:- \u00a0Notepad++ is a free and open-source source code editor. A vulnerability exists in Notepad++ versions prior to 8.8.9 involving the WinGUp updater, which fails to cryptographically verify downloaded update metadata and [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/\" \/>\n<meta property=\"og:site_name\" content=\"Information Security\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-06T16:53:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-06T16:54:01+00:00\" \/>\n<meta name=\"author\" content=\"kasingh\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"kasingh\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/\"},\"author\":{\"name\":\"kasingh\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#\\\/schema\\\/person\\\/206ba07b2fdc716dbfb162fe95aa60ee\"},\"headline\":\"Notepad ++ Vulnerability (CVE-2025-15556)\",\"datePublished\":\"2026-02-06T16:53:58+00:00\",\"dateModified\":\"2026-02-06T16:54:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/\"},\"wordCount\":190,\"publisher\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-CA\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/\",\"url\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/\",\"name\":\"Notepad ++ Vulnerability (CVE-2025-15556) - Information Security\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#website\"},\"datePublished\":\"2026-02-06T16:53:58+00:00\",\"dateModified\":\"2026-02-06T16:54:01+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/#breadcrumb\"},\"inLanguage\":\"en-CA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/2026\\\/02\\\/06\\\/notepad-vulnerability-cve-2025-15556\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Notepad ++ Vulnerability (CVE-2025-15556)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#website\",\"url\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/\",\"name\":\"Information Security\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-CA\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#organization\",\"name\":\"Information Security\",\"url\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-CA\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/wp-content\\\/uploads\\\/sites\\\/806\\\/2025\\\/05\\\/Image-4.png\",\"contentUrl\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/wp-content\\\/uploads\\\/sites\\\/806\\\/2025\\\/05\\\/Image-4.png\",\"width\":1024,\"height\":1024,\"caption\":\"Information Security\"},\"image\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/#\\\/schema\\\/person\\\/206ba07b2fdc716dbfb162fe95aa60ee\",\"name\":\"kasingh\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-CA\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c8a14e9f369169760b25636109e5d366baf391d45d3aa148137036b64cc6bb48?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c8a14e9f369169760b25636109e5d366baf391d45d3aa148137036b64cc6bb48?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c8a14e9f369169760b25636109e5d366baf391d45d3aa148137036b64cc6bb48?s=96&d=mm&r=g\",\"caption\":\"kasingh\"},\"url\":\"https:\\\/\\\/www.yorku.ca\\\/uit\\\/infosec\\\/author\\\/kasingh\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Notepad ++ Vulnerability (CVE-2025-15556) - Information Security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/","og_locale":"en_US","og_type":"article","og_title":"Notepad ++ Vulnerability (CVE-2025-15556) - Information Security","og_description":"A recently discovered Notepad++ vulnerability (CVE\u20112025\u201115556) allows attackers to execute arbitrary code by exploiting insecure update integrity verification. Severity level&nbsp; CVSS Score: 7.7\/high Description:- \u00a0Notepad++ is a free and open-source source code editor. A vulnerability exists in Notepad++ versions prior to 8.8.9 involving the WinGUp updater, which fails to cryptographically verify downloaded update metadata and [&hellip;]","og_url":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/","og_site_name":"Information Security","article_published_time":"2026-02-06T16:53:58+00:00","article_modified_time":"2026-02-06T16:54:01+00:00","author":"kasingh","twitter_card":"summary_large_image","twitter_misc":{"Written by":"kasingh","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/#article","isPartOf":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/"},"author":{"name":"kasingh","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#\/schema\/person\/206ba07b2fdc716dbfb162fe95aa60ee"},"headline":"Notepad ++ Vulnerability (CVE-2025-15556)","datePublished":"2026-02-06T16:53:58+00:00","dateModified":"2026-02-06T16:54:01+00:00","mainEntityOfPage":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/"},"wordCount":190,"publisher":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-CA"},{"@type":"WebPage","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/","url":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/","name":"Notepad ++ Vulnerability (CVE-2025-15556) - Information Security","isPartOf":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#website"},"datePublished":"2026-02-06T16:53:58+00:00","dateModified":"2026-02-06T16:54:01+00:00","breadcrumb":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/#breadcrumb"},"inLanguage":"en-CA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/2026\/02\/06\/notepad-vulnerability-cve-2025-15556\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.yorku.ca\/uit\/infosec\/"},{"@type":"ListItem","position":2,"name":"Notepad ++ Vulnerability (CVE-2025-15556)"}]},{"@type":"WebSite","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#website","url":"https:\/\/www.yorku.ca\/uit\/infosec\/","name":"Information Security","description":"","publisher":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.yorku.ca\/uit\/infosec\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-CA"},{"@type":"Organization","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#organization","name":"Information Security","url":"https:\/\/www.yorku.ca\/uit\/infosec\/","logo":{"@type":"ImageObject","inLanguage":"en-CA","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#\/schema\/logo\/image\/","url":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-content\/uploads\/sites\/806\/2025\/05\/Image-4.png","contentUrl":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-content\/uploads\/sites\/806\/2025\/05\/Image-4.png","width":1024,"height":1024,"caption":"Information Security"},"image":{"@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.yorku.ca\/uit\/infosec\/#\/schema\/person\/206ba07b2fdc716dbfb162fe95aa60ee","name":"kasingh","image":{"@type":"ImageObject","inLanguage":"en-CA","@id":"https:\/\/secure.gravatar.com\/avatar\/c8a14e9f369169760b25636109e5d366baf391d45d3aa148137036b64cc6bb48?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/c8a14e9f369169760b25636109e5d366baf391d45d3aa148137036b64cc6bb48?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c8a14e9f369169760b25636109e5d366baf391d45d3aa148137036b64cc6bb48?s=96&d=mm&r=g","caption":"kasingh"},"url":"https:\/\/www.yorku.ca\/uit\/infosec\/author\/kasingh\/"}]}},"taxonomy_info":{"category":[{"value":31,"label":"Vulnerabilities"}]},"featured_image_src_large":false,"author_info":{"display_name":"kasingh","author_link":"https:\/\/www.yorku.ca\/uit\/infosec\/author\/kasingh\/"},"comment_info":0,"category_info":[{"term_id":31,"name":"Vulnerabilities","slug":"vulnerabilities","term_group":0,"term_taxonomy_id":31,"taxonomy":"category","description":"","parent":0,"count":17,"filter":"raw","cat_ID":31,"category_count":17,"category_description":"","cat_name":"Vulnerabilities","category_nicename":"vulnerabilities","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/posts\/2584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/users\/2694"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/comments?post=2584"}],"version-history":[{"count":1,"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/posts\/2584\/revisions"}],"predecessor-version":[{"id":2587,"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/posts\/2584\/revisions\/2587"}],"wp:attachment":[{"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/media?parent=2584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/categories?post=2584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/infosec\/wp-json\/wp\/v2\/tags?post=2584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}