EIP-2026-119308

PRE-CVE

xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119308. PoCs published by Zer0 Thunder.

AI-analyzed exploit summary This exploit demonstrates a DLL hijacking vulnerability in xAurora by injecting shellcode via a malicious DLL. The shellcode executes a reverse shell, and the exploit triggers when the vulnerable application loads the DLL from a network share.

Description

xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Zer0 Thunder · cremotewindows

https://www.exploit-db.com/exploits/35881

View Code ZIP pw:eip

This exploit demonstrates a DLL hijacking vulnerability in xAurora by injecting shellcode via a malicious DLL. The shellcode executes a reverse shell, and the exploit triggers when the vulnerable application loads the DLL from a network share.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: xAurora (version not specified)

No auth needed

Prerequisites: Victim must open a file from a network share containing the malicious DLL

MITRE ATT&CK

T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026