{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/uncontrolled-search-path/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve","uncontrolled search path","privilege escalation"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA security flaw, identified as CVE-2026-4545, exists within Flos Freeware Notepad2 version 4.2.25. The vulnerability resides in an unspecified function within the PROPSYS.dll library, leading to an uncontrolled search path issue. Exploitation of this flaw requires local access and is considered to have a high degree of complexity, meaning a successful attack is difficult to execute. The vendor, Flos Freeware, was notified about this vulnerability, but has not responded. Successful exploitation…\u003c/p\u003e\n","date_modified":"2026-03-23T14:00:00Z","date_published":"2026-03-23T14:00:00Z","id":"/briefs/2026-03-notepad2-cve/","summary":"CVE-2026-4545 describes a vulnerability in Flos Freeware Notepad2 4.2.25, where manipulating PROPSYS.dll leads to an uncontrolled search path, potentially allowing a local attacker to execute arbitrary code with elevated privileges.","title":"Notepad2 PROPSYS.dll Uncontrolled Search Path Vulnerability (CVE-2026-4545)","url":"https://feed.craftedsignal.io/briefs/2026-03-notepad2-cve/"}],"language":"en","title":"CraftedSignal Threat Feed — Uncontrolled Search Path","version":"https://jsonfeed.org/version/1.1"}