Description
Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malicious payload through the optional proxy hostname field in the PrimeNet connection settings to trigger the overflow and execute system commands.
Exploits (1)
exploitdb
WORKING POC
by crash_manucoot · pythonlocalwindows
https://www.exploit-db.com/exploits/44649
Scores
CVSS v3
8.4
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (1)
Mersenne/Prime95
29.4b8
Published
Apr 29, 2026
Tracked Since
Apr 30, 2026