CVE-2026-4546

High · Public PoC · LPE

Published: 22 March 2026
Modified: 30 April 2026
KEV Added: (no entry)
Patch: (no entry)
CVSS Score (v4): 7.3
CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0021 (11.4th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-4546 is a high-severity Untrusted Search Path (CWE-426) vulnerability in Flos-Freeware Notepad2. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique DLL (T1574.001). The CVE is ranked at the 11.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Vulnerability details

A weakness has been identified in Flos Freeware Notepad2 4.2.25. It affects an unknown function in the library TextShaping.dll. Executing a manipulation can lead to an uncontrolled search path. The attack is restricted to local execution and requires a high level of complexity; exploitability is said to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

CWE-426: Untrusted Search Path

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1574.001 DLL [Stealth]
Adversaries may abuse dynamic-link library files (DLLs) in order to achieve persistence, escalate privileges, and evade defenses.
Why these techniques?

Direct uncontrolled search path (CWE-426/427) in TextShaping.dll enables DLL Search Order Hijacking (T1038) via local placement of a malicious DLL.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

Affected Assets

flos-freeware
notepad2
4.2.25

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.