EIP-2026-116256

PRE-CVE

SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116256. PoCs published by bzyo.

AI-analyzed exploit summary This PoC exploits a buffer overflow vulnerability in SMPlayer 17.11.0 by generating a malformed '.m3u' playlist file with an excessive number of 'A' characters (24538). Opening this file twice in the application triggers a crash, demonstrating the vulnerability.

Description

SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC

by bzyo · pythondoswindows

https://www.exploit-db.com/exploits/43124

View Code ZIP pw:eip

This PoC exploits a buffer overflow vulnerability in SMPlayer 17.11.0 by generating a malformed '.m3u' playlist file with an excessive number of 'A' characters (24538). Opening this file twice in the application triggers a crash, demonstrating the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: SMPlayer v17.11.0

No auth needed

Prerequisites: SMPlayer v17.11.0 installed on the target system · Ability to deliver the malformed '.m3u' file to the target

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026