EIP-2026-115661

PRE-CVE

Microsoft HTML Help Compiler (hhc.exe) - Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115661. PoCs published by s4squatch.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow in Microsoft's HTML Help Compiler (hhc.exe) by supplying an excessively long command-line argument, allowing control over EDX, EBP, ESI, and SEH registers. The PoC shows potential for arbitrary code execution but requires local execution and does not inherently elevate privileges.

Description

Microsoft HTML Help Compiler (hhc.exe) - Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by s4squatch · textdoswindows

https://www.exploit-db.com/exploits/11034

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow in Microsoft's HTML Help Compiler (hhc.exe) by supplying an excessively long command-line argument, allowing control over EDX, EBP, ESI, and SEH registers. The PoC shows potential for arbitrary code execution but requires local execution and does not inherently elevate privileges.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft HTML Help Compiler (hhc.exe) version 4.74.8702.0

No auth needed

Prerequisites: Local access to execute hhc.exe with command-line arguments

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026