EIP-2026-102024

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102024. PoCs published by ChendoChap.

AI-analyzed exploit summary This exploit leverages a use-after-free vulnerability in a JavaScript engine to achieve arbitrary read/write primitives, leading to remote code execution. It involves memory manipulation techniques such as heap spraying and object corruption to bypass security mechanisms.

Description

Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)

Exploits (1)

exploitdb WORKING POC

by ChendoChap · javascriptwebappshardware

https://www.exploit-db.com/exploits/49309

View Code ZIP pw:eip

This exploit leverages a use-after-free vulnerability in a JavaScript engine to achieve arbitrary read/write primitives, leading to remote code execution. It involves memory manipulation techniques such as heap spraying and object corruption to bypass security mechanisms.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: Unknown (likely a browser or JavaScript engine, possibly WebKit-based)

No auth needed

Prerequisites: Victim must visit a malicious webpage or execute the JavaScript code · Specific memory layout conditions must be met for successful exploitation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)

Exploitation Summary

Description

Exploits (1)

Details