8.5

MobaXterm Prior to 26.1 Allows Malicious Files to Run as Notepad++

CVE-2026-25866
Summary

MobaXterm versions prior to 26.1 launch Notepad++ without a fully qualified executable path when opening remote files, so a malicious executable placed earlier in the search order can run in its place. This lets an attacker execute arbitrary code in the context of the affected user. Update to MobaXterm 26.1 or later to fix this issue.

Original title
MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening...
Original description
MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable earlier in the search order, resulting in arbitrary code execution in the context of the affected user.
nvd CVSS3.1 7.8
nvd CVSS4.0 8.5
Vulnerability type
CWE-428
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026