EIP-2026-103722

PRE-CVE

WhatsApp < 2.11.7 - Remote Crash

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103722. PoCs published by Jaime Sánchez.

AI-analyzed exploit summary This exploit leverages non-printable characters in a WhatsApp message to crash the client on iOS versions prior to 2.11.8. It uses the Yowsup library to send a crafted message containing specific bytes that trigger the vulnerability.

Description

WhatsApp < 2.11.7 - Remote Crash

Exploits (1)

exploitdb WORKING POC

by Jaime Sánchez · pythondosmultiple

https://www.exploit-db.com/exploits/32865

View Code ZIP pw:eip

This exploit leverages non-printable characters in a WhatsApp message to crash the client on iOS versions prior to 2.11.8. It uses the Yowsup library to send a crafted message containing specific bytes that trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: WhatsApp iOS v2.11.7 and prior

Auth required

Prerequisites: Valid WhatsApp credentials · Yowsup library installed · Target phone number

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026