EIP-2026-116579

PRE-CVE

WPS Office < 2016 - '.ppt' drawingContainer Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116579. PoCs published by Francis Provencher.

AI-analyzed exploit summary This is a vulnerability writeup for WPS Office 2016, detailing a memory corruption issue in the handling of crafted Presentation files with an invalid 'Length' header in a drawingContainer. The flaw allows remote code execution when a user opens a malicious .ppt file.

Description

WPS Office < 2016 - '.ppt' drawingContainer Memory Corruption

Exploits (1)

exploitdb WRITEUP

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/39397

View Code ZIP pw:eip

This is a vulnerability writeup for WPS Office 2016, detailing a memory corruption issue in the handling of crafted Presentation files with an invalid 'Length' header in a drawingContainer. The flaw allows remote code execution when a user opens a malicious .ppt file.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: WPS Office 2016

No auth needed

Prerequisites: User interaction to open a malicious .ppt file

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026