EIP-2026-119137

PRE-CVE

Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate Overwrite (SEH)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119137. PoCs published by Parveen Vashishtha.

AI-analyzed exploit summary This is a functional exploit for a stack-based buffer overflow in Sienzo Digital Music Mentor (DMM) 2.6.0.4, leveraging an SEH overwrite in the SetEvalExpiryDate method of DSKernel2.dll to execute arbitrary shellcode (calc.exe).

Description

Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate Overwrite (SEH)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Parveen Vashishtha · htmlremotewindows

https://www.exploit-db.com/exploits/3880

View Code ZIP pw:eip

This is a functional exploit for a stack-based buffer overflow in Sienzo Digital Music Mentor (DMM) 2.6.0.4, leveraging an SEH overwrite in the SetEvalExpiryDate method of DSKernel2.dll to execute arbitrary shellcode (calc.exe).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Sienzo Digital Music Mentor (DMM) 2.6.0.4

No auth needed

Prerequisites: Target must have Sienzo DMM 2.6.0.4 installed · ActiveX control must be accessible via browser

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026