Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)

A high-severity vulnerability (CVE-2025-49144) in the Notepad++ installer could be exploited by unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. There is currently no indication that the vulnerability is being leveraged by attackers, though technical details and a proof-of-concept (PoC) have been published – and redacted shortly after for security reasons. About CVE-2025-49144 Notepad++ is a popular free and open-source text and source code editor for Windows. CVE-2025-49144 is a local privilege …