Notepad2 PROPSYS.dll Uncontrolled Search Path Vulnerability (CVE-2026-4545)
CVE-2026-4545 describes a vulnerability in Flos Freeware Notepad2 4.2.25, where manipulating PROPSYS.dll leads to an uncontrolled search path, potentially allowing a local attacker to execute arbitrary code with elevated privileges.
A security flaw, identified as CVE-2026-4545, exists within Flos Freeware Notepad2 version 4.2.25. The vulnerability resides in an unspecified function within the PROPSYS.dll library, leading to an uncontrolled search path issue. Exploitation of this flaw requires local access and is considered to have a high degree of complexity, meaning a successful attack is difficult to execute. The vendor, Flos Freeware, was notified about this vulnerability, but has not responded. Successful exploitation…
Detection coverage 2
Detect Notepad2 Loading DLL from Suspicious Path
highDetects Notepad2 loading a DLL from a non-standard directory, which could indicate an attempt to exploit CVE-2026-4545 via DLL hijacking.
Detect PROPSYS.dll Load from Unusual Location
highDetects PROPSYS.dll being loaded from a non-standard location, potentially indicating exploitation of CVE-2026-4545
Detection queries are kept inside the platform. Get full rules →