EIP-2026-117808

PRE-CVE

QQPlayer - '.cue' File Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117808. PoCs published by Lufeng Li.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in QQPlayer's handling of .cue files to achieve remote code execution. The payload overwrites the SEH handler and includes shellcode to execute arbitrary commands on the target system.

Description

QQPlayer - '.cue' File Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Lufeng Li · pythonlocalwindows

https://www.exploit-db.com/exploits/14431

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in QQPlayer's handling of .cue files to achieve remote code execution. The payload overwrites the SEH handler and includes shellcode to execute arbitrary commands on the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: QQPlayer <= 2.3.696.400p1

No auth needed

Prerequisites: Victim must open a maliciously crafted .cue file in QQPlayer

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026