EIP-2026-118906

PRE-CVE

minerCPP 0.4b - Remote Buffer Overflow / Format String

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118906. PoCs published by l3D.

AI-analyzed exploit summary This exploit targets minerCPP 0.4b with a remote buffer overflow combined with a format string attack to bypass stack cookies and achieve arbitrary code execution. It requires sniffing a salt value from network traffic and leverages address leaks to calculate the stack cookie and module bases.

Description

minerCPP 0.4b - Remote Buffer Overflow / Format String

Exploits (1)

exploitdb WORKING POC

by l3D · pythonremotewindows

https://www.exploit-db.com/exploits/14248

View Code ZIP pw:eip

This exploit targets minerCPP 0.4b with a remote buffer overflow combined with a format string attack to bypass stack cookies and achieve arbitrary code execution. It requires sniffing a salt value from network traffic and leverages address leaks to calculate the stack cookie and module bases.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: minerCPP 0.4b

No auth needed

Prerequisites: Network access to the target · Ability to sniff or brute-force the salt value · Target running minerCPP 0.4b on Windows

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026