CVE-2026-8389
HIGHJIT miscompilation in the JavaScript Engine: JIT component
Title source: cnaExploitation Summary
EIP tracks 1 public exploit for CVE-2026-8389. PoCs published by crixpwn.
AI-analyzed exploit summary This repository contains a functional exploit for CVE-2026-8389, targeting a SpiderMonkey BaselineJIT vulnerability where a 28-bit bitfield truncation leads to type confusion and RCE. The exploit includes a server, primer, and payload to demonstrate the vulnerability.
Description
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3.
Exploits (1)
This repository contains a functional exploit for CVE-2026-8389, targeting a SpiderMonkey BaselineJIT vulnerability where a 28-bit bitfield truncation leads to type confusion and RCE. The exploit includes a server, primer, and payload to demonstrate the vulnerability.
References (6)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H