EIP-2026-103490

PRE-CVE

Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103490. PoCs published by Google Security Research.

AI-analyzed exploit summary This is a detailed technical analysis of a type confusion vulnerability in Chrome's V8 JavaScript engine, where the binding code generator fails to validate callback properties in dictionaries, leading to a crash when non-function objects are passed. The writeup includes code snippets, stack traces, and a reproduction case.

Description

Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/46652

View Code ZIP pw:eip

This is a detailed technical analysis of a type confusion vulnerability in Chrome's V8 JavaScript engine, where the binding code generator fails to validate callback properties in dictionaries, leading to a crash when non-function objects are passed. The writeup includes code snippets, stack traces, and a reproduction case.

Classification

Writeup 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Google Chrome 72.0.3626.81

No auth needed

Prerequisites: TrustedTypes feature enabled via experimental flag

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026