EIP-2026-116853

PRE-CVE

Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116853. PoCs published by Nathu Nandwani.

AI-analyzed exploit summary This exploit leverages a memory disclosure vulnerability in Avast Anti-Virus to extract user credentials (email and password) from the process memory of AvastUI.exe. It uses the winappdbg library to scan and read memory regions containing specific regex patterns.

Description

Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure

Exploits (1)

exploitdb WORKING POC

by Nathu Nandwani · pythonlocalwindows

https://www.exploit-db.com/exploits/46345

View Code ZIP pw:eip

This exploit leverages a memory disclosure vulnerability in Avast Anti-Virus to extract user credentials (email and password) from the process memory of AvastUI.exe. It uses the winappdbg library to scan and read memory regions containing specific regex patterns.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Avast Anti-Virus < 19.1.2360 (build 19.1.4142.0)

No auth needed

Prerequisites: Avast Anti-Virus running on the target system · Local access to the target machine

MITRE ATT&CK

T1003 - OS Credential Dumping

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026