EIP-2026-102938

PRE-CVE

Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102938. PoCs published by Marc Schoenefeld.

AI-analyzed exploit summary This Java applet exploits insecure proprietary design in Opera Web Browser's Java implementation to violate Sun's Java secure programming guidelines. It attempts to acquire default Kerberos credentials and display them, potentially leading to sensitive information disclosure or denial of service.

Description

Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marc Schoenefeld · javalocallinux

https://www.exploit-db.com/exploits/24758

View Code ZIP pw:eip

This Java applet exploits insecure proprietary design in Opera Web Browser's Java implementation to violate Sun's Java secure programming guidelines. It attempts to acquire default Kerberos credentials and display them, potentially leading to sensitive information disclosure or denial of service.

Classification

Working Poc 80%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Opera Web Browser 7.54 (and likely earlier versions)

No auth needed

Prerequisites: User interaction to run the Java applet in a vulnerable Opera browser

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026