EIP-2026-103645

PRE-CVE

Rosiello Security Sphiro HTTPd 0.1B - Remote Heap Buffer Overflow

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103645. PoCs published by Slotto Corleone.

AI-analyzed exploit summary The exploit demonstrates a remote heap-based buffer overflow in Sphiro HTTPD by sending an overly long HTTP GET request. The vulnerability arises from insufficient boundary checks when storing input in fixed buffers, potentially leading to arbitrary code execution or denial of service.

Description

Rosiello Security Sphiro HTTPd 0.1B - Remote Heap Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED
by Slotto Corleone · textdosmultiple
https://www.exploit-db.com/exploits/24070

The exploit demonstrates a remote heap-based buffer overflow in Sphiro HTTPD by sending an overly long HTTP GET request. The vulnerability arises from insufficient boundary checks when storing input in fixed buffers, potentially leading to arbitrary code execution or denial of service.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Sphiro HTTPD
No auth needed
Prerequisites: Network access to the target server · Sphiro HTTPD running on port 80
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026