EIP-2026-118852

PRE-CVE

Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118852. PoCs published by Shane Hird.

AI-analyzed exploit summary This exploit leverages a vulnerability in the Microsoft Log Sink Class ActiveX control to create arbitrary files on a target system. The provided HTML/JavaScript code demonstrates how an attacker can write to a file (e.g., C:\autoexec.bat) by enticing a user to visit a malicious webpage.

Description

Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation

Exploits (1)

exploitdb WORKING POC VERIFIED
by Shane Hird · textremotewindows
https://www.exploit-db.com/exploits/25157

This exploit leverages a vulnerability in the Microsoft Log Sink Class ActiveX control to create arbitrary files on a target system. The provided HTML/JavaScript code demonstrates how an attacker can write to a file (e.g., C:\autoexec.bat) by enticing a user to visit a malicious webpage.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Log Sink Class ActiveX control
No auth needed
Prerequisites: User interaction (visiting a malicious webpage) · ActiveX control enabled in the browser
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026