EIP-2026-102866

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102866. PoCs published by Chris Evans.

AI-analyzed exploit summary This exploit leverages a subtle emulation error in the Game Music Emu library (used by gstreamer) to achieve arbitrary code execution on Linux systems (Fedora 25 and Ubuntu 16.04 LTS). The exploit is delivered via a maliciously crafted SNES music file (.spc) disguised as a media file (e.g., .flac or .mp3).

Description

Google Chrome (Fedora 25 / Ubuntu 16.04) - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download

Exploits (1)

exploitdb WORKING POC VERIFIED

by Chris Evans · textlocallinux

https://www.exploit-db.com/exploits/40943

View Code ZIP pw:eip

This exploit leverages a subtle emulation error in the Game Music Emu library (used by gstreamer) to achieve arbitrary code execution on Linux systems (Fedora 25 and Ubuntu 16.04 LTS). The exploit is delivered via a maliciously crafted SNES music file (.spc) disguised as a media file (e.g., .flac or .mp3).

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: gstreamer1-plugins-bad-free-extras (Game Music Emu) on Fedora 25 / Ubuntu 16.04 LTS

No auth needed

Prerequisites: Victim must open a maliciously crafted .spc file (renamed to .flac or .mp3) · Game Music Emu library must be installed and used by gstreamer

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Google Chrome (Fedora 25 / Ubuntu 16.04) - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download

Exploitation Summary

Description

Exploits (1)

Details