EIP-2026-117582

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117582. PoCs published by Google Security Research.

AI-analyzed exploit summary This is a detailed technical analysis of multiple critical design flaws in the Windows Text Services Framework (TSF) msctf subsystem, including ALPC port accessibility across sessions, UIPI bypass, and arbitrary code execution via unvalidated command indices. The author provides an interactive tool (ctftool.exe) to probe and exploit these vulnerabilities.

Description

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textlocalwindows

https://www.exploit-db.com/exploits/47258

View Code ZIP pw:eip

This is a detailed technical analysis of multiple critical design flaws in the Windows Text Services Framework (TSF) msctf subsystem, including ALPC port accessibility across sessions, UIPI bypass, and arbitrary code execution via unvalidated command indices. The author provides an interactive tool (ctftool.exe) to probe and exploit these vulnerabilities.

Classification

Writeup 95%

Attack Type

Lpe | Rce

Complexity

Complex

Reliability

Reliable

Target: Windows Text Services Framework (TSF) msctf subsystem (Windows XP and later)

No auth needed

Prerequisites: Access to a Windows system with the TSF msctf subsystem · Ability to run custom tools (ctftool.exe)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.002 - Bypass User Account Control

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

Exploitation Summary

Description

Exploits (1)

Details