← voltar
CVE-2026-2538

Flos Freeware Notepad2 Msimg32.dll uncontrolled search path

CVSS 7.3 HIGHEPSS 0.2%CWE-426CWE-427
A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack's complexity is rated as high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X
Produtos afetados
Flos Freeware · Notepad2

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/Cyber-Wo0dy/report/blob/main/notepad2/4.2.25/notepad2_dll_hijacking.mdhttps://vuldb.com/?ctiid.346126https://vuldb.com/?id.346126https://vuldb.com/?submit.749345