Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security decision in Microsoft Office could allow an unauthorized attacker to bypass a security feature locally. Some of the impacted product(s) could be end-of-life (EoL) and/or end-of-service (EoS). Users are advised to discontinue use and/or transition to a supported version.
PoC: detect_CVE-2026-21509
YARA rule and python script to detect potential exploits for the CVE-2026-21509 vulnerability in MS Office
PoC: CTT-NFS-Vortex-RCE
New Physics Disclosure This repository contains a full weaponized exploit for **CVE-2026-21509**, targeting the Windows Network File System (NFSv4.1) kernel-mode driver (`nfssvr.sys`).
PoC: CVE-2026-21509-POC
POC for the Office vulnerability
PoC: CVE-2026-21509-handler
PowerShell script to check, apply, and test the Kill-Bit protection for the CVE-2026-21509 Microsoft Office zero-day vulnerability affecting Office 2016/2019/LTSC.
PoC: cve-2026-21509-mitigation
CVE-2026-21509 Mitigation
PoC: CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
CVE-2026-21509 is a critical bypass in the Microsoft Office OLE (Object Linking and Embedding) validation engine. While standard "laminar" exploits attempt to manipulate static COM objects, this repository utilizes Theorem 4.2 to achieve a speculative race-condition bypass of the Object Definition Rule (ODR).
PoC: SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-
Microsoft just released emergency patches for CVE-2026-21509, a zero-day in the Office Suite that bypasses OLE/COM mitigations when a user simply opens a file. They think their "Service-side change" for Office 2021+ is a solid wall.
PoC: KSK-ITDK-CVE-2026-21509-Mitigation
Powershell script with Detection and Remediation for CVE-2026-21509
PoC: CVE-2026-21509-PoC
Educational PoC for CVE‑2026‑21509 (Microsoft Office security feature bypass). Generates a harmless DOCX with dummy OLE artifacts to study EDR/AV visibility. Not an exploit. For isolated labs only; see README for 7‑Zip inspection steps and mitigation references.
PoC: CVE-2026-21509-PoC
Educational PoC for CVE‑2026‑21509 (Microsoft Office security feature bypass). Generates a harmless DOCX with dummy OLE artifacts to study EDR/AV visibility. Not an exploit. For isolated labs only; see README for 7‑Zip inspection steps and mitigation references.
PoC: CVE-2026-21509-PoC
CVE-2026-21509
PoC: Ashwesker-CVE-2026-21509
CVE-2026-21509
PoC: Ashwesker-CVE-2026-21509
CVE-2026-21509
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free