EIP-2026-119594

PRE-CVE

Microsoft People 10.1807.2131.0 - Denial of service (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119594. PoCs published by L0RD.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in Microsoft People (version <= 10.1807.2131.0) by creating a maliciously large input (20,000 'A' characters) that crashes the application when pasted into the 'name' field of a new contact. The PoC generates a payload file and relies on user interaction to trigger the crash.

Description

Microsoft People 10.1807.2131.0 - Denial of service (PoC)

Exploits (1)

exploitdb WORKING POC

by L0RD · textdoswindows_x86-64

https://www.exploit-db.com/exploits/45335

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service (DoS) vulnerability in Microsoft People (version <= 10.1807.2131.0) by creating a maliciously large input (20,000 'A' characters) that crashes the application when pasted into the 'name' field of a new contact. The PoC generates a payload file and relies on user interaction to trigger the crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft People <= 10.1807.2131.0

No auth needed

Prerequisites: Microsoft People application installed on Windows 10 · User interaction to paste payload into contact name field

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026