EIP-2026-115965

PRE-CVE

Novell Groupwise Messenger 2.1.0 - Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115965. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This advisory details a memory corruption vulnerability in Novell GroupWise Messenger's nmma.exe service, where a malformed NM_A_PARM1 tag in the login command can corrupt heap memory. The analysis includes assembly-level details and a reference to a PoC exploit (nmma_x.zip).

Description

Novell Groupwise Messenger 2.1.0 - Memory Corruption

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/18489

View Code ZIP pw:eip

This advisory details a memory corruption vulnerability in Novell GroupWise Messenger's nmma.exe service, where a malformed NM_A_PARM1 tag in the login command can corrupt heap memory. The analysis includes assembly-level details and a reference to a PoC exploit (nmma_x.zip).

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Novell GroupWise Messenger <= 2.1.0

No auth needed

Prerequisites: Network access to port 8300 on the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026