Notepad++ < 8.9.3 libcurl TLS CA Store Caching (CVE-2025-14819)

Medium - Nessus Plugin ID 304669

Synopsis

A text editor on the remote Windows host is affected by a TLS certificate verification vulnerability.

Description

The version of Notepad++ installed on the remote host is prior to 8.9.3. It is, therefore, affected by a vulnerability:

- A flaw exists in the bundled libcurl library used by WinGUp, the Notepad++ updater. When performing TLS-related transfers with reused easy or multi handles and altering the CURLSSLOPT_NO_PARTIALCHAIN option between transfers, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. This could make libcurl find and accept a trust chain that it otherwise would not. (CVE-2025-14819)

In addition, version 8.9.3 includes fixes for multiple crash regressions and other stability improvements.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Notepad++ version 8.9.3 or later.

See Also

https://cybersecuritynews.com/notepad-v8-9-3-released/

http://www.nessus.org/u?1cf60025

Plugin Details

Severity: Medium

ID: 304669

File Name: notepad_plus_plus_8_9_3.nasl

Version: 1.1

Type: Local

Agent: windows

Family: Windows

Published: 4/2/2026

Updated: 4/2/2026

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2025-14819

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/a:notepad-plus-plus:notepad%5c%2b%5c%2b

Required KB Items: installed_sw/Notepad++, SMB/Registry/Enumerated

Patch Publication Date: 1/8/2026

Vulnerability Publication Date: 1/8/2026

Reference Information

CVE: CVE-2025-14819