EIP-2026-115809

PRE-CVE

Microsoft Windows Mobile - Overly Long vCard Name Field Denial of Service

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115809. PoCs published by SecurityArchitect.Org.

AI-analyzed exploit summary This exploit leverages a denial-of-service vulnerability in Microsoft Windows Mobile by sending a maliciously crafted vCard (VCF) file with an excessively long string in the 'N' field, causing the device to crash. The vulnerability stems from inadequate input validation in Windows Mobile versions 6.1 and 6.5.

Description

Microsoft Windows Mobile - Overly Long vCard Name Field Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED
by SecurityArchitect.Org · doswindows
https://www.exploit-db.com/exploits/34889

This exploit leverages a denial-of-service vulnerability in Microsoft Windows Mobile by sending a maliciously crafted vCard (VCF) file with an excessively long string in the 'N' field, causing the device to crash. The vulnerability stems from inadequate input validation in Windows Mobile versions 6.1 and 6.5.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Windows Mobile 6.1, 6.5
No auth needed
Prerequisites: Ability to send a vCard file to the target device
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026