EIP-2026-115658

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115658. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit demonstrates a memory corruption vulnerability in Microsoft Font Subsetting DLL (fontsub.dll) where a malformed font file triggers an access violation in ComputeFormat4CmapData due to a 0-sized buffer allocation. The crash occurs when the function attempts to write to an invalid memory location, leading to a denial-of-service condition.

Description

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/47113

View Code ZIP pw:eip

The exploit demonstrates a memory corruption vulnerability in Microsoft Font Subsetting DLL (fontsub.dll) where a malformed font file triggers an access violation in ComputeFormat4CmapData due to a 0-sized buffer allocation. The crash occurs when the function attempts to write to an invalid memory location, leading to a denial-of-service condition.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Font Subsetting DLL (fontsub.dll) on Windows 10 1709

No auth needed

Prerequisites: Malformed font file · PageHeap enabled in Application Verifier

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData

Exploitation Summary

Description

Exploits (1)

Details