EIP-2026-120637

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-120637. PoCs published by sinanadilrana.

AI-analyzed exploit summary This exploit leverages a memory corruption vulnerability in ZSH 5.9 to achieve remote code execution (RCE) by manipulating memory addresses and injecting a reverse shell payload via GDB. It uses pexpect to automate GDB interactions, demonstrating a functional exploit chain.

Description

ZSH 5.9 - RCE

Exploits (1)

exploitdb WORKING POC

by sinanadilrana · pythonlocallinux

https://www.exploit-db.com/exploits/52503

View Code ZIP pw:eip

This exploit leverages a memory corruption vulnerability in ZSH 5.9 to achieve remote code execution (RCE) by manipulating memory addresses and injecting a reverse shell payload via GDB. It uses pexpect to automate GDB interactions, demonstrating a functional exploit chain.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: ZSH 5.9

No auth needed

Prerequisites: GDB with pwndbg · ZSH 5.9 binary · network connectivity to attacker-controlled IP

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 10, 2026 Full analysis →

ZSH 5.9 - RCE

Exploitation Summary

Description

Exploits (1)

Details