EIP-2026-115982

PRE-CVE

Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115982. PoCs published by LiquidWorm.

AI-analyzed exploit summary This is a functional proof-of-concept exploit for a Unicode buffer overflow vulnerability in NVIDIA Install Application 2.1002.85.551 (NVI2.dll). The exploit leverages an overly long string passed to the 'AddPackages' function via an ActiveX control, leading to arbitrary code execution.

Description

Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textdoswindows

https://www.exploit-db.com/exploits/23177

View Code ZIP pw:eip

This is a functional proof-of-concept exploit for a Unicode buffer overflow vulnerability in NVIDIA Install Application 2.1002.85.551 (NVI2.dll). The exploit leverages an overly long string passed to the 'AddPackages' function via an ActiveX control, leading to arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: NVIDIA Install Application 2.1002.85.551 (NVI2.dll)

No auth needed

Prerequisites: Victim must visit a malicious webpage or open the HTML file · NVIDIA Install Application 2.1002.85.551 must be installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026