EIP-2026-102937

PRE-CVE

opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102937. PoCs published by Marc Schoenefeld.

AI-analyzed exploit summary This Java applet exploits insecure proprietary design in Opera Web Browser's Java implementation to disclose sensitive information by accessing the bootstrap classpath URLs. It leverages Sun's internal APIs to bypass security restrictions.

Description

opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marc Schoenefeld · javalocallinux

https://www.exploit-db.com/exploits/24757

View Code ZIP pw:eip

This Java applet exploits insecure proprietary design in Opera Web Browser's Java implementation to disclose sensitive information by accessing the bootstrap classpath URLs. It leverages Sun's internal APIs to bypass security restrictions.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Opera Web Browser 7.54 (and likely earlier versions)

No auth needed

Prerequisites: Victim must run the malicious Java applet in Opera Web Browser 7.54 or earlier

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026