EIP-2026-115790

PRE-CVE

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115790. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit describes a DoS vulnerability in SymCrypt's modular inverse calculation, triggered by specific bit patterns in X.509 certificates. The PoC is provided as an external download, but the description includes technical details about the root cause and affected systems.

Description

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/47414

View Code ZIP pw:eip

The exploit describes a DoS vulnerability in SymCrypt's modular inverse calculation, triggered by specific bit patterns in X.509 certificates. The PoC is provided as an external download, but the description includes technical details about the root cause and affected systems.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Windows SymCrypt (bcryptprimitives!SymCryptFdefModInvGeneric)

No auth needed

Prerequisites: X.509 certificate with crafted bit patterns

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026