QwikSec

Security Database

CVE

CWE

Training

CVE-2025-56383

Published: Sep 26, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary unprivileged users.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/notepad-plus-plus/notepad-plus-plus

https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept

https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept/issues/1

https://www.vicarius.io/vsociety/posts/cve-2025-56383-detect-notepad-vulnerability

https://www.vicarius.io/vsociety/posts/cve-2025-56383-mitigate-notepad-vulnerability

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.