EIP-2026-119500

PRE-CVE

Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' File Crush Application (Denial of Service)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119500. PoCs published by mohammed Mohammed.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in Tomabo MP4 Converter 3.10.12 by creating a maliciously large .m3u file (600,000 'A' characters) that crashes the application when processed. The attack leverages a buffer overflow or memory exhaustion condition in the software's file parsing logic.

Description

Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' File Crush Application (Denial of Service)

Exploits (1)

exploitdb WORKING POC VERIFIED

by mohammed Mohammed · pythondoswindows_x86

https://www.exploit-db.com/exploits/38444

View Code ZIP pw:eip

This exploit demonstrates a Denial of Service (DoS) vulnerability in Tomabo MP4 Converter 3.10.12 by creating a maliciously large .m3u file (600,000 'A' characters) that crashes the application when processed. The attack leverages a buffer overflow or memory exhaustion condition in the software's file parsing logic.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Tomabo MP4 Converter 3.10.12

No auth needed

Prerequisites: Ability to deliver a crafted .m3u file to the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026