EIP-2026-102865

PRE-CVE

Google Chrome 109.0.5414.74 - Code Execution via missing lib file (Ubuntu)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102865. PoCs published by Rafay Baloch and Muhammad Samak.

AI-analyzed exploit summary This exploit leverages a writable directory in Ubuntu where Google Chrome attempts to load a missing shared library (`libnssckbi.so`). By placing a malicious library in `/home/$username/.pki/nssdb/`, arbitrary code execution is achieved when Chrome loads the library.

Description

Google Chrome 109.0.5414.74 - Code Execution via missing lib file (Ubuntu)

Exploits (1)

exploitdb WORKING POC

by Rafay Baloch and Muhammad Samak · textlocallinux

https://www.exploit-db.com/exploits/51331

View Code ZIP pw:eip

This exploit leverages a writable directory in Ubuntu where Google Chrome attempts to load a missing shared library (`libnssckbi.so`). By placing a malicious library in `/home/$username/.pki/nssdb/`, arbitrary code execution is achieved when Chrome loads the library.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Google Chrome 109.0.5414.74 on Ubuntu 22.04.1

No auth needed

Prerequisites: Write access to `/home/$username/.pki/nssdb/` · Google Chrome 109.0.5414.74 installed on Ubuntu 22.04.1

MITRE ATT&CK

T1574.006 - Dynamic Linker Hijacking

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026