EIP-2026-115132

PRE-CVE

DecisionTools SharpGrid - ActiveX Control Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115132. PoCs published by Francis Provencher.

AI-analyzed exploit summary The exploit targets a vulnerability in the DecisionTools SharpGrid ActiveX control, specifically the 'Images' property, which insecurely uses an assigned value as an image list pointer. This allows arbitrary memory location function calls, leading to code execution.

Description

DecisionTools SharpGrid - ActiveX Control Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/18852

View Code ZIP pw:eip

The exploit targets a vulnerability in the DecisionTools SharpGrid ActiveX control, specifically the 'Images' property, which insecurely uses an assigned value as an image list pointer. This allows arbitrary memory location function calls, leading to code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: DecisionTools SharpGrid ActiveX Control (sg20u.ocx)

No auth needed

Prerequisites: Presence of the vulnerable SharpGrid ActiveX control on the target system

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026