EIP-2026-101137

PRE-CVE

Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101137. PoCs published by qwertyoruiop.

AI-analyzed exploit summary This exploit leverages a memory corruption vulnerability in a browser engine to achieve arbitrary read/write primitives, likely targeting a use-after-free or type confusion bug. It employs heap spraying, object manipulation, and ROP techniques to bypass security mitigations.

Description

Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)

Exploits (1)

exploitdb WORKING POC

by qwertyoruiop · textlocalhardware

https://www.exploit-db.com/exploits/44282

View Code ZIP pw:eip

This exploit leverages a memory corruption vulnerability in a browser engine to achieve arbitrary read/write primitives, likely targeting a use-after-free or type confusion bug. It employs heap spraying, object manipulation, and ROP techniques to bypass security mitigations.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: Unknown browser engine (likely WebKit or Blink-based)

No auth needed

Prerequisites: Victim must visit a malicious webpage · Specific browser version with unpatched vulnerability

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026