Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.
Metrics
Affected Vendors & Products
Fixes
Solution
Update version to v8.4.5 or later
Workaround
No workaround given by the vendor.
References
History
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Wed, 21 May 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | notepad-plus-plus - DLL Hijacking | notepad-plus-plus - DLL Hijacking |

Status: PUBLISHED
Assigner: Mend
Published:
Updated: 2025-05-21T14:14:43.298Z
Reserved: 2022-05-31T00:00:00.000Z
Link: CVE-2022-32168

Updated: 2024-08-03T07:32:55.976Z

Status : Modified
Published: 2022-09-28T09:15:09.520
Modified: 2025-05-21T15:15:56.900
Link: CVE-2022-32168

No data.

No data.