CVE-2026-21536

CRITICAL

Microsoft Devices Pricing Program - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-21536. PoCs published by XiaomingX, b1gchoi.

AI-analyzed exploit summary The repository claims to provide a PoC for CVE-2026-21536 but lacks actual exploit code, instead redirecting users to an external download link (tinyurl). The README contains generic marketing language and no technical details about the vulnerability.

Description

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

Exploits (2)

github SUSPICIOUS 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-21536

View Code ZIP pw:eip

The repository claims to provide a PoC for CVE-2026-21536 but lacks actual exploit code, instead redirecting users to an external download link (tinyurl). The README contains generic marketing language and no technical details about the vulnerability.

Classification

Suspicious 95%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: Microsoft Devices Pricing Program

No auth needed

Prerequisites: Python 3.8 or higher · Network access to target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Mar 11, 2026 Full analysis →

nomisec SUSPICIOUS

by b1gchoi · poc

https://github.com/b1gchoi/CVE-2026-21536-RCE

View Code ZIP pw:eip

The repository claims to provide a PoC for CVE-2026-21536 but lacks actual exploit code, instead directing users to an external download link (tinyurl.com). The README contains generic marketing language and no technical details about the vulnerability.

Classification

Suspicious 95%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: Microsoft Devices Pricing Program

No auth needed

Prerequisites: Python 3.8 or higher · Network access to target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Mar 11, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21536

Scores

CVSS v3 9.8

EPSS 0.0170

EPSS Percentile 82.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-434

Status published

Products (2)

microsoft/devices_pricing_program

Microsoft/Microsoft Devices Pricing Program -

Published Mar 05, 2026

Tracked Since Mar 06, 2026