EIP-2026-117578

PRE-CVE

Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117578. PoCs published by ThreaT.

AI-analyzed exploit summary This exploit targets a vulnerability in Microsoft Windows' regedit.exe due to improper bounds checking in the RegEnumValueW function. It creates a malicious registry key that executes arbitrary code when browsed by a user, leveraging a buffer overflow technique.

Description

Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by ThreaT · clocalwindows

https://www.exploit-db.com/exploits/22528

View Code ZIP pw:eip

This exploit targets a vulnerability in Microsoft Windows' regedit.exe due to improper bounds checking in the RegEnumValueW function. It creates a malicious registry key that executes arbitrary code when browsed by a user, leveraging a buffer overflow technique.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows regedit.exe (tested on Win2K SP0,2,3)

No auth needed

Prerequisites: Local or remote access to the target system · Ability to write to the registry

MITRE ATT&CK

T1112 - Modify Registry T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026