EIP-2026-117498

PRE-CVE

Microsoft Internet Explorer 11 - Null Pointer Dereference

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117498. PoCs published by LiquidWorm.

AI-analyzed exploit summary This is a technical writeup detailing a NULL pointer dereference vulnerability in Microsoft Internet Explorer 11's mshtml.dll, specifically in the Tree::Notify_InvalidateDisplay function. The analysis includes crash traces, affected functions, and references to the advisory, but does not contain functional exploit code.

Description

Microsoft Internet Explorer 11 - Null Pointer Dereference

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/45778

View Code ZIP pw:eip

This is a technical writeup detailing a NULL pointer dereference vulnerability in Microsoft Internet Explorer 11's mshtml.dll, specifically in the Tree::Notify_InvalidateDisplay function. The analysis includes crash traces, affected functions, and references to the advisory, but does not contain functional exploit code.

Classification

Writeup 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Internet Explorer 11 (versions 11.345.17134.0, 11.1387.15063.0, 11.0.9600.18282, 11.0.9600.17843)

No auth needed

Prerequisites: Victim must visit a maliciously crafted webpage

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026