CVE-2025-49144 PoC — Notepad++ 安全漏洞

Source

https://github.com/tristanvandermeer/CVE-2025-49144-Test

Associated Vulnerability

Title:Notepad++ 安全漏洞 (CVE-2025-49144)
Description:Notepad++是中国台湾侯今吾（Don Ho）个人开发者的一款开源的纯文本编辑器。 Notepad++ 8.8.1及之前版本存在安全漏洞，该漏洞源于安装程序存在不安全可执行文件搜索路径导致权限提升。

Description

A test attack for CVE-2025-49144

Readme

# CVE-2025-49144-Test
Playing with python .exes and Notepad ++ installer vuln

This regsvr32.exe payload only works on my local network. Its just a simple obfuscated rev. shell. Not super interesting but it is cool to see it work :3

(https://nvd.nist.gov/vuln/detail/CVE-2025-49144)

File Snapshot


 [4.0K]  /data/pocs/adb518e92bb3302c436e7cc2aef452ac94cf3c77
├── [ 13M]  CVE_TEST_2.zip
├── [1.0K]  LICENSE
├── [ 284]  README.md
└── [6.9M]  soup_store.exe

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!