CVE-2023-6401

MEDIUM

NotePad++ <8.1 - Uncontrolled Search Path

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-6401. PoCs published by mekitoci.

AI-analyzed exploit summary This repository contains a functional proof-of-concept for CVE-2023-6401, demonstrating a DLL hijacking vulnerability in Notepad++ ≤ 8.1. The exploit involves placing a malicious `dbghelp.dll` in the application directory to achieve arbitrary code execution.

Description

A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

nomisec WORKING POC

by mekitoci · poc

https://github.com/mekitoci/CVE-2023-6401

View Code ZIP pw:eip

This repository contains a functional proof-of-concept for CVE-2023-6401, demonstrating a DLL hijacking vulnerability in Notepad++ ≤ 8.1. The exploit involves placing a malicious `dbghelp.dll` in the application directory to achieve arbitrary code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Notepad++ ≤ 8.1

No auth needed

Prerequisites: Write permission to the Notepad++ application directory

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory vdb-entry

https://vuldb.com/?id.246421

Third Party Advisory signature permissions-required

https://vuldb.com/?ctiid.246421

Scores

CVSS v3 5.3

EPSS 0.0033

EPSS Percentile 25.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-427

Status published

Products (1)

notepad-plus-plus/notepad\+\+ < 8.1

Published Nov 30, 2023

Tracked Since Feb 18, 2026