EIP-2026-119645

PRE-CVE

Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119645. PoCs published by Yakir Wizman.

AI-analyzed exploit summary This exploit demonstrates a local password disclosure vulnerability in Navicat Premium 11.2.11 by reading plaintext passwords from the process memory. It uses the winappdbg library to scan the memory of the navicat.exe process for specific byte patterns associated with stored credentials.

Description

Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure

Exploits (1)

exploitdb WORKING POC

by Yakir Wizman · pythonlocalwindows_x86-64

https://www.exploit-db.com/exploits/40336

View Code ZIP pw:eip

This exploit demonstrates a local password disclosure vulnerability in Navicat Premium 11.2.11 by reading plaintext passwords from the process memory. It uses the winappdbg library to scan the memory of the navicat.exe process for specific byte patterns associated with stored credentials.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Navicat Premium 11.2.11 (64bit)

No auth needed

Prerequisites: Local access to the target system · Navicat Premium 11.2.11 running and connected to a database

MITRE ATT&CK

T1003 - OS Credential Dumping

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026