EIP-2026-119445

PRE-CVE

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP s

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119445. PoCs published by Google Security Research.

AI-analyzed exploit summary This writeup details multiple vulnerabilities in Trend Micro Antivirus's CoreServiceShell.exe, including path traversal, header injection, and XSS. The analysis explains how these flaws can be combined to achieve arbitrary file access as SYSTEM.

Description

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP s

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textwebappswindows

https://www.exploit-db.com/exploits/39808

View Code ZIP pw:eip

This writeup details multiple vulnerabilities in Trend Micro Antivirus's CoreServiceShell.exe, including path traversal, header injection, and XSS. The analysis explains how these flaws can be combined to achieve arbitrary file access as SYSTEM.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Trend Micro Antivirus (CoreServiceShell.exe)

No auth needed

Prerequisites: Access to the local network or the ability to trick a user into visiting a malicious page

MITRE ATT&CK

T1005 - Data from Local System T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026