CVE-2026-2538 | Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25 Msimg32.dll uncontrolled search path

A vulnerability has been found in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25 and classified as problematic. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path.

This vulnerability is known as CVE-2026-2538. Attacking locally is a requirement. No exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More