EIP-2026-115569

PRE-CVE

Macro Express Pro 4.2.2.1 - '.MXE' File Syntactic Analysis Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115569. PoCs published by LiquidWorm.

AI-analyzed exploit summary This Perl script generates a malformed Macro Express Pro MXE file with an oversized string buffer, triggering a buffer overflow vulnerability (CVE-2026-158223) when imported. The PoC demonstrates arbitrary code execution potential via controlled EIP overwrite, as evidenced by the included crash analysis.

Description

Macro Express Pro 4.2.2.1 - '.MXE' File Syntactic Analysis Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · perldoswindows

https://www.exploit-db.com/exploits/15959

View Code ZIP pw:eip

This Perl script generates a malformed Macro Express Pro MXE file with an oversized string buffer, triggering a buffer overflow vulnerability (CVE-2026-158223) when imported. The PoC demonstrates arbitrary code execution potential via controlled EIP overwrite, as evidenced by the included crash analysis.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Macro Express Pro 4.2.2.1 and 4.2.1.1

No auth needed

Prerequisites: Victim must open the crafted .mxe file in Macro Express Pro

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026