EIP-2026-115209

PRE-CVE

Edraw Diagram Component 5 - ActiveX Control 'LicenseName()' Method Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115209. PoCs published by Senator of Pirates.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the Edraw Diagram Component ActiveX control (EDBoard.ocx) by supplying an overly long string to the 'LicenseName' property, leading to arbitrary code execution in the context of the application using the control.

Description

Edraw Diagram Component 5 - ActiveX Control 'LicenseName()' Method Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Senator of Pirates · textdoswindows

https://www.exploit-db.com/exploits/36662

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the Edraw Diagram Component ActiveX control (EDBoard.ocx) by supplying an overly long string to the 'LicenseName' property, leading to arbitrary code execution in the context of the application using the control.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Edraw Diagram Component 5

No auth needed

Prerequisites: Victim must have the vulnerable ActiveX control installed and enabled in Internet Explorer · Attacker must deliver the exploit via a malicious webpage or HTML file

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026