EIP-2026-115899

PRE-CVE

Navicat < 12.0.27 - Oracle Connection Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115899. PoCs published by Kevin McGuigan.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Navicat < 12.0.27 by generating a malicious text file. When pasted into the Oracle connection host field, it triggers a SEH-based overflow with a controlled payload structure (junk + nSEH + SEH + fill).

Description

Navicat < 12.0.27 - Oracle Connection Overflow

Exploits (1)

exploitdb WORKING POC

by Kevin McGuigan · pythondoswindows

https://www.exploit-db.com/exploits/44558

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Navicat < 12.0.27 by generating a malicious text file. When pasted into the Oracle connection host field, it triggers a SEH-based overflow with a controlled payload structure (junk + nSEH + SEH + fill).

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Navicat < 12.0.27

No auth needed

Prerequisites: Navicat < 12.0.27 installed on Windows · User interaction to paste payload into Oracle connection host field

MITRE ATT&CK

T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026