EIP-2026-103482

PRE-CVE

Google Chrome - Out-of-Bounds Access in RegExp Stubs

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103482. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit leverages a type confusion vulnerability in V8's RegExp handling, where altering the map of a RegExp object after a check causes out-of-bounds memory access via lastIndex manipulation. The PoC triggers a crash in Chrome by forcing a dictionary transition and then accessing the corrupted lastIndex.

Description

Google Chrome - Out-of-Bounds Access in RegExp Stubs

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/42286

View Code ZIP pw:eip

The exploit leverages a type confusion vulnerability in V8's RegExp handling, where altering the map of a RegExp object after a check causes out-of-bounds memory access via lastIndex manipulation. The PoC triggers a crash in Chrome by forcing a dictionary transition and then accessing the corrupted lastIndex.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Google Chrome (V8 Engine) Beta on Linux

No auth needed

Prerequisites: Target running vulnerable version of Chrome Beta on Linux

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026