EIP-2026-101854

PRE-CVE

Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101854. PoCs published by byteGoblin.

AI-analyzed exploit summary This exploit targets an unauthenticated remote memory leak in Nanometrics Centaur and TitanSMA devices by sending malicious HTTP packets to trigger a memory leak in the Jetty server, then reading the leaked data from unprotected system logs.

Description

Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak

Exploits (1)

exploitdb WORKING POC

by byteGoblin · pythonwebappshardware

https://www.exploit-db.com/exploits/48098

View Code ZIP pw:eip

This exploit targets an unauthenticated remote memory leak in Nanometrics Centaur and TitanSMA devices by sending malicious HTTP packets to trigger a memory leak in the Jetty server, then reading the leaked data from unprotected system logs.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Nanometrics Centaur <= 4.3.23, TitanSMA <= 4.2.20

No auth needed

Prerequisites: Network access to the target device · Jetty server exposed and vulnerable

MITRE ATT&CK

T1040 - Network Sniffing T1119 - Automated Collection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026