CVE-2025-15556HIGH · 7.5TrackedCISA KEV

Notepad++ · Notepad++

Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirect update traffic to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges of the user.

Disclosed

2026-02-03

127 days ago

Status

no honeypot capture yet

on CISA KEV — watching

7-day events

across 0 distinct IPs

7-day spread

0 ASN · 0 cty

0 active days

Top ASNs

No events captured yet.

Top countries

No events captured yet.

References

https://notepad-plus-plus.org/news/clarification-security-incident/
https://community.notepad-plus-plus.org/topic/27298/notepad-v8-8-9-vulnerability-fix
https://nvd.nist.gov/vuln/detail/CVE-2025-15556

↗ NVD ↗ CISA KEV ↗ Search analyses