EIP-2026-115633

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115633. PoCs published by Google Security Research.

AI-analyzed exploit summary The writeup describes a memory corruption vulnerability in AFDKO's CFF font parsing code, specifically in the `readCharset()` and `postRead()` functions, which can be triggered via Microsoft Edge when printing a maliciously crafted OpenType variable font. The issue arises from inconsistent state handling during error conditions, leading to potential buffer overflows or other memory safety issues.

Description

Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the _post_ Table

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/47101

View Code ZIP pw:eip

The writeup describes a memory corruption vulnerability in AFDKO's CFF font parsing code, specifically in the `readCharset()` and `postRead()` functions, which can be triggered via Microsoft Edge when printing a maliciously crafted OpenType variable font. The issue arises from inconsistent state handling during error conditions, leading to potential buffer overflows or other memory safety issues.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Complex

Reliability

Theoretical

Target: AFDKO (Adobe Font Development Kit for OpenType) in Microsoft DirectWrite (Windows 10 1709 and later)

No auth needed

Prerequisites: Attacker must craft a malicious OpenType variable font · Victim must open the font in Microsoft Edge and attempt to print it

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the _post_ Table

Exploitation Summary

Description

Exploits (1)

Details