EIP-2026-116474

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116474. PoCs published by Skylined.

AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in the VBScript engine (vbscript.dll) where a crafted regular expression with a trailing backslash causes out-of-bounds memory reads. The PoC shows how heap data beyond the regex string can be leaked, potentially exposing sensitive information.

Description

VBScript 5.8.7600.16385/5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

Exploits (1)

exploitdb WORKING POC

by Skylined · htmldoswindows

https://www.exploit-db.com/exploits/40743

View Code ZIP pw:eip

This exploit demonstrates an information disclosure vulnerability in the VBScript engine (vbscript.dll) where a crafted regular expression with a trailing backslash causes out-of-bounds memory reads. The PoC shows how heap data beyond the regex string can be leaked, potentially exposing sensitive information.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Microsoft VBScript Engine (vbscript.dll) versions 5.8.7600.16385 - 5.8.9600.16384

No auth needed

Prerequisites: Target must execute the crafted script in an application embedding the VBScript engine (e.g., Internet Explorer, WSH, or IIS with ASP)

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

VBScript 5.8.7600.16385/5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

Exploitation Summary

Description

Exploits (1)

Details