vulnerability

NotepadPlusPlus: Uncontrolled Search Path Element (CVE-2023-47452)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Nov 30, 2023	Jan 11, 2024	Jan 28, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Nov 30, 2023

Added

Jan 11, 2024

Modified

Jan 28, 2025

Description

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory.

Solution

notepadplusplus-upgrade-latest

References

CVE-2023-47452
https://attackerkb.com/topics/CVE-2023-47452
URL-https://github.com/xieqiang11/poc-1/tree/main

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today