CVE-2022-26809

CRITICAL EXPLOITED RANSOMWARE

Microsoft Windows RPC Runtime - Remote Code Execution

Title source: llm

Description

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Exploits (10)

nomisec WRITEUP 410 stars

by fuckjsonp · poc

https://github.com/fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp

View Code ZIP pw:eip

nomisec WORKING POC 107 stars

by s1ckb017 · dos

https://github.com/s1ckb017/PoC-CVE-2022-26809

View Code ZIP pw:eip

nomisec WORKING POC 61 stars

by yuanLink · poc

https://github.com/yuanLink/CVE-2022-26809

View Code ZIP pw:eip

nomisec WRITEUP 33 stars

by corelight · poc

https://github.com/corelight/cve-2022-26809

View Code ZIP pw:eip

nomisec STUB 27 stars

by websecnl · poc

https://github.com/websecnl/CVE-2022-26809

View Code ZIP pw:eip

nomisec STUB 20 stars

by sherlocksecurity · poc

https://github.com/sherlocksecurity/Microsoft-CVE-2022-26809-The-Little-Boy

View Code ZIP pw:eip

nomisec WORKING POC 7 stars

by auduongxuan · poc

https://github.com/auduongxuan/CVE-2022-26809

View Code ZIP pw:eip

nomisec WORKING POC

by michealadams30 · poc

https://github.com/michealadams30/Cve-2022-26809

View Code ZIP pw:eip

nomisec SUSPICIOUS

by oppongjohn · poc

https://github.com/oppongjohn/CVE-2022-26809-RCE

View Code ZIP pw:eip

nomisec STUB

by Lay0us · poc

https://github.com/Lay0us/CVE-2022-26809-RCE

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809

Scores

CVSS v3 9.8

EPSS 0.9256

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2022-04-14

Ransomware Use Confirmed

Status published

Products (19)

microsoft/windows_10

microsoft/windows_10 20h2

microsoft/windows_10 21h1

microsoft/windows_10 21h2

microsoft/windows_10 1607

microsoft/windows_10 1809

microsoft/windows_10 1909

microsoft/windows_11 (2 CPE variants)

microsoft/windows_7

microsoft/windows_8.1

... and 9 more

Published Apr 15, 2022

Tracked Since Feb 18, 2026