EIP-2026-104520

PRE-CVE

NetBSD 1.x - 'TalkD' User Validation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104520. PoCs published by Tekno pHReak.

AI-analyzed exploit summary The exploit describes a user spoofing vulnerability in the talkd service, which fails to validate user identities during talk sessions. This can be exploited for social engineering attacks, and a malicious NetBSD talkd component was used as proof of concept.

Description

NetBSD 1.x - 'TalkD' User Validation

Exploits (1)

exploitdb WRITEUP VERIFIED

by Tekno pHReak · textremotenetbsd_x86

https://www.exploit-db.com/exploits/21364

View Code ZIP pw:eip

The exploit describes a user spoofing vulnerability in the talkd service, which fails to validate user identities during talk sessions. This can be exploited for social engineering attacks, and a malicious NetBSD talkd component was used as proof of concept.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: talkd (various Unix/Linux distributions)

No auth needed

Prerequisites: Access to a system with talkd service running

MITRE ATT&CK

T1566.001 - Spearphishing Attachment

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026