EIP-2026-102827

PRE-CVE

Emesene 2.12.5 - Password Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102827. PoCs published by Daniel Godoy.

AI-analyzed exploit summary This Perl script exploits a local information disclosure vulnerability in Emesene by reading and decoding passwords stored in the 'users.dat' file. It requires the user to have the 'remember password' feature enabled.

Description

Emesene 2.12.5 - Password Disclosure

Exploits (1)

exploitdb WORKING POC

by Daniel Godoy · perllocallinux

https://www.exploit-db.com/exploits/19517

View Code ZIP pw:eip

This Perl script exploits a local information disclosure vulnerability in Emesene by reading and decoding passwords stored in the 'users.dat' file. It requires the user to have the 'remember password' feature enabled.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Emesene 1.0

No auth needed

Prerequisites: Local access to the system · Emesene installed with 'remember password' enabled

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026