Summary
| Parameter | Value |
|---|---|
| CVE ID | CVE-2025-15556 |
| Alert Source | CISA KEV - Active Exploitation |
| CVE Publication Year | 2025 |
| Date Published | 2026-02-12 |
| Vendor | Notepad++ |
| Product | Notepad++ |
| CVSS Score | N/A (unknown) |
| EPSS Score | 0.0% (percentile: 11%) |
| CISA KEV | Yes - confirmed active exploitation |
| Ransomware | Not confirmed |
| Remediation Deadline | 2026-03-05 |

Vulnerability Description
Notepad++, when using the WinGUp updater, downloads code without an integrity check. An attacker who can intercept or redirect update traffic could cause the updater to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges of the user.
Required Actions
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Who Is Affected?
This vulnerability affects Notepad++ (vendor: Notepad++). Check whether your organization uses this software and whether it requires updates.
