CVE-2026-2538 – Flos Freeware Notepad2 Msimg32.dll uncontrolled search path

CVE ID : CVE-2026-2538

Published : Feb. 16, 2026, 6:02 a.m. | 32 minutes ago

Description : A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack’s complexity is rated as high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…