CVE-2026-4546

Sažetak

A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function in the library TextShaping.dll. Executing a manipulation can lead to uncontrolled search path. The attack is restricted to local execution. The attack requires a high level of complexity. The exploitability is said to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Reference

https://drive.google.com/file/d/1w5-ztNIN28mPuidtjlsilKsKKQQNOiIJ/view
https://vuldb.com/?ctiid.352373
https://vuldb.com/?id.352373
https://vuldb.com/?submit.774778

CVSS

Base:	6.0
Impact:	10.0
Exploitability:	1.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

22-03-2026 - 14:16

Objavljeno

22-03-2026 - 14:16