Change History
6 change records found show changes
CVE Modified by MITRE 11/19/2025 10:15:48 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
|
https://www.vicarius.io/vsociety/posts/cve-2025-56383-detect-notepad-vulnerability
|
| Added |
Reference |
|
https://www.vicarius.io/vsociety/posts/cve-2025-56383-mitigate-notepad-vulnerability
|
CVE Modified by MITRE 10/01/2025 10:15:40 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Tag |
|
disputed
|
| Changed |
Description |
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code.
|
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary unprivileged users.
|
| Added |
Reference |
|
https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept/issues/1
|
CVE Modified by CISA-ADP 9/29/2025 4:15:33 PM
| Action |
Type |
Old Value |
New Value |
| Added |
CWE |
|
CWE-427
|
CVE Modified by CISA-ADP 9/29/2025 10:16:45 AM
| Action |
Type |
Old Value |
New Value |
| Added |
CVSS V3.1 |
|
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| Removed |
CVSS V3.1 |
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
|
| Removed |
CWE |
CWE-77
|
|
CVE Modified by CISA-ADP 9/26/2025 5:15:36 PM
| Action |
Type |
Old Value |
New Value |
| Added |
CVSS V3.1 |
|
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
| Added |
CWE |
|
CWE-77
|
New CVE Received from MITRE 9/26/2025 2:15:36 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Description |
|
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code.
|
| Added |
Reference |
|
https://github.com/notepad-plus-plus/notepad-plus-plus
|
| Added |
Reference |
|
https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept
|