CVE-2026-46710
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
Notepad++ versions 8.9.4 through 8.9.6 contain a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without an absolute path after setting the working directory to the contextMenu directory. If an attacker places a malicious powershell.exe in a user-writable installation directory and a privileged user runs the installer selecting that directory, the attacker-controlled executable runs with elevated privileges.
Risk Assessment
The risk is that an attacker can gain control of the system with installer privileges, potentially leading to malware installation, data theft, or further privilege escalation within the organization.
Recommendation
Immediately update Notepad++ to version 8.9.6 or later. Additionally, administrators should avoid running installers from user-writable directories.
Original NVD description (English source)
Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the installation contextMenu directory. If an attacker can pre-place a malicious powershell.exe in a user-writable custom installation directory, and a privileged user later runs the installer and selects that directory, the attacker-controlled executable is launched with the elevated privileges of the installer. This vulnerability is fixed in 8.9.6.

