EIP-2026-116581

PRE-CVE

WPS Office < 2016 - '.xls' Heap Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116581. PoCs published by Francis Provencher.

AI-analyzed exploit summary This advisory describes a heap memory corruption vulnerability in WPS Office 2016, which can be exploited via a malformed .xls file to achieve remote code execution. The technical details are minimal but sufficient to classify it as a legitimate writeup.

Description

WPS Office < 2016 - '.xls' Heap Memory Corruption

Exploits (1)

exploitdb WRITEUP

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/39398

View Code ZIP pw:eip

This advisory describes a heap memory corruption vulnerability in WPS Office 2016, which can be exploited via a malformed .xls file to achieve remote code execution. The technical details are minimal but sufficient to classify it as a legitimate writeup.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: WPS Office 2016

No auth needed

Prerequisites: Target must open a malicious .xls file

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026