Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Notepad++ WinGUp Updater Update Integrity Verification Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Exploited

Patched

A vulnerability exists in Notepad++ versions prior to 8.8.9 when using the WinGUp updater. This vulnerability allows for arbitrary code execution by intercepting or redirecting update traffic. The issue arises because downloaded update metadata and installers are not cryptographically verified, enabling an attacker to execute a malicious installer with the user's privileges.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with the privileges of the user.

Remediation

Users can update to Notepad++ version 8.9.1, which includes the necessary security enhancement. The updated version can be downloaded from the Notepad++ official website.

Added: Feb 3, 2026, 1:23 AM

Updated: Feb 12, 2026, 6:39 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.7

remediation

7.7

relevance

2.5

threat

8.1

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.7

remediation

7.7

relevance

2.5

threat

8.1

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Notepad++ WinGUp Updater Update Integrity Verification Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Notepad++

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating