EIP-2026-117819

PRE-CVE

R 3.4.4 - Buffer Overflow (SEH)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117819. PoCs published by ZwX.

AI-analyzed exploit summary This exploit demonstrates a classic SEH-based buffer overflow in R v3.4.4, leveraging a crafted input to overwrite the EIP register and execute arbitrary shellcode (a calc.exe payload). The vulnerability is triggered via the 'Language for menus and messages' input field in the GUI preferences.

Description

R 3.4.4 - Buffer Overflow (SEH)

Exploits (1)

exploitdb WORKING POC

by ZwX · pythonlocalwindows

https://www.exploit-db.com/exploits/45289

View Code ZIP pw:eip

This exploit demonstrates a classic SEH-based buffer overflow in R v3.4.4, leveraging a crafted input to overwrite the EIP register and execute arbitrary shellcode (a calc.exe payload). The vulnerability is triggered via the 'Language for menus and messages' input field in the GUI preferences.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: R v3.4.4

No auth needed

Prerequisites: Local access to the target system · R v3.4.4 installed on Windows 7

MITRE ATT&CK

T1211 - Exploitation for Defense Evasion T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026