Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. High-Severity Vulnerability in Notepad++
Alerts

High-Severity Vulnerability in Notepad++

30 June 2025

Notepad++ has released security updates addressing a vulnerability affecting their product. Users and administrators of affected products are advised to update to the latest version.

Background

Notepad++ has released security updates addressing a vulnerability (CVE-2025-49144) affecting their product. The proof-of-concept exploit targeting this vulnerability is publicly available.

Impact

Successful exploitation of the vulnerability could allow an attacker with low privilege access to perform privilege escalation by executing a maliciously crafted file with system-level privileges, potentially gaining full control of the affected system.

Affected Products

The vulnerability affects Notepad++ versions 8.8.1 and earlier.

Mitigation

Users and administrators of affected products are advised to update to the latest version.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-49144

https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-9vx8-v79m-6m24

https://cybersecuritynews.com/notepad-vulnerability/


Back to top