EIP-2026-117127

PRE-CVE

EmEditor 19.8 - Insecure File Permissions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117127. PoCs published by SajjadBnd.

AI-analyzed exploit summary This exploit demonstrates insecure file permissions in EmEditor 19.8, allowing any user to replace executable files or perform DLL hijacking to escalate privileges to SYSTEM or Administrator.

Description

EmEditor 19.8 - Insecure File Permissions

Exploits (1)

exploitdb WORKING POC

by SajjadBnd · textlocalwindows

https://www.exploit-db.com/exploits/48398

View Code ZIP pw:eip

This exploit demonstrates insecure file permissions in EmEditor 19.8, allowing any user to replace executable files or perform DLL hijacking to escalate privileges to SYSTEM or Administrator.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: EmEditor 19.8

No auth needed

Prerequisites: Local access to the system · EmEditor 19.8 installed with default permissions

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026