Taggart 
Here's my CVE-2026-20841 PoC.
(Not really, but I have a feeling it's something that rhymes with this)
tehfishman
@tehfishman Did you get a warning before that opened?
@mttaggart Yeah, it pops up a "this might be dangerous" warning, so it's not zero interaction. Also cmd.exe works, but not powershell for some reason. I also can't quite figure out how to pass arguments though, but otherwise this is real close to powershell.exe -EncodedCommand <base64payload>
@mttaggart So powershell.exe was probably blocked for me because I was testing it on my regular workstation, which does have crowdstrike on it, and crowdstrike did have words to say about that. Namely "Process blocked".