EIP-2026-117744

PRE-CVE

Parallels Desktop - Virtual Machine Escape

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117744. PoCs published by Mohammad Reza Espargham.

AI-analyzed exploit summary This exploit leverages a vulnerability in Parallels Desktop's shared folder implementation to execute arbitrary commands on the host macOS system by manipulating the 'Open on Mac' context menu option via PowerShell automation.

Description

Parallels Desktop - Virtual Machine Escape

Exploits (1)

exploitdb WORKING POC

by Mohammad Reza Espargham · textlocalwindows

https://www.exploit-db.com/exploits/42116

View Code ZIP pw:eip

This exploit leverages a vulnerability in Parallels Desktop's shared folder implementation to execute arbitrary commands on the host macOS system by manipulating the 'Open on Mac' context menu option via PowerShell automation.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Parallels Desktop (All Versions, specifically PrlToolsShellExt.dll 10.2.0 (28956))

No auth needed

Prerequisites: Parallels Desktop installed with shared folders enabled · Access to a guest VM with shared folder access

MITRE ATT&CK

T1204 - User Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026