EIP-2026-103438

PRE-CVE

Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103438. PoCs published by Google Security Research.

AI-analyzed exploit summary This PoC exploits an out-of-bounds read vulnerability in V8's bytecode generator due to empty jump tables in generator functions. The issue arises in `JumpTableTargetOffsets::iterator::UpdateAndAdvanceToValid`, where `table_offset_` can exceed `table_end_`, leading to memory corruption.

Description

Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · javascriptdosmultiple

https://www.exploit-db.com/exploits/44260

View Code ZIP pw:eip

This PoC exploits an out-of-bounds read vulnerability in V8's bytecode generator due to empty jump tables in generator functions. The issue arises in `JumpTableTargetOffsets::iterator::UpdateAndAdvanceToValid`, where `table_offset_` can exceed `table_end_`, leading to memory corruption.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Google V8 JavaScript Engine (Chromium)

No auth needed

Prerequisites: V8 engine with vulnerable bytecode generator

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026