EIP-2026-115222
PRE-CVEESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-115222. PoCs published by Oleksiuk Dmitry_ eSage Lab.
AI-analyzed exploit summary This PoC exploits a heap corruption vulnerability in ESET Smart Security and NOD32 Antivirus by crafting a malicious LZH archive with broken LZW compressed data. Scanning the file triggers the vulnerability in the ekrn.exe service process.
Description
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC)
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Oleksiuk Dmitry_ eSage Lab · pythondoswindows
https://www.exploit-db.com/exploits/12529
This PoC exploits a heap corruption vulnerability in ESET Smart Security and NOD32 Antivirus by crafting a malicious LZH archive with broken LZW compressed data. Scanning the file triggers the vulnerability in the ekrn.exe service process.
Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64)
No auth needed
Prerequisites:
Ability to deliver the malicious LZH file to the target system
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026