EIP-2026-117497

PRE-CVE

Microsoft Internet Explorer / ActiveX Control - Security Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117497. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This exploit demonstrates a security bypass in Microsoft Internet Explorer by crafting a malicious MHT file with an invalid Content-Location header, which suppresses ActiveX warnings and popup blocker settings, allowing arbitrary code execution via an HTA file.

Description

Microsoft Internet Explorer / ActiveX Control - Security Bypass

Exploits (1)

exploitdb WORKING POC

by hyp3rlinx · textlocalwindows

https://www.exploit-db.com/exploits/50598

View Code ZIP pw:eip

This exploit demonstrates a security bypass in Microsoft Internet Explorer by crafting a malicious MHT file with an invalid Content-Location header, which suppresses ActiveX warnings and popup blocker settings, allowing arbitrary code execution via an HTA file.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer (discontinued but present on Windows 10)

No auth needed

Prerequisites: Local access to the victim's system to place the MHT and HTA files · Victim must open the MHT file locally

MITRE ATT&CK

T1221 - Template Injection T1204 - User Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026