EIP-2026-118274

PRE-CVE

Apple QuickTime /w IE .qtl Version XAS - Remote

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118274. PoCs published by Aviv Raff.

AI-analyzed exploit summary: This exploit leverages QuickTime .qtl files to execute arbitrary commands via Firefox's '-chrome' command-line switch injection, enabling automated XAS (Cross Application Scripting) attacks in restricted web environments. It demonstrates shutting down Skype as a proof-of-concept.

Description

Apple QuickTime /w IE .qtl Version XAS - Remote

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Aviv Raff · html · remote · windows
https://www.exploit-db.com/exploits/4424

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Firefox (with QuickTime plugin)
No auth needed
Prerequisites: QuickTime plugin installed in Firefox · Default browser set to Firefox
devstral-2 · analyzed Feb 16, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026