EIP-2026-103911

PRE-CVE

Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103911. PoCs published by Amit Klein.

AI-analyzed exploit summary This exploit targets a weak random number generation vulnerability in Google Chrome 3.0 Beta. It reverses the PRNG state to predict future values and infer the initial seed, leveraging the predictable nature of the Math.random() implementation.

Description

Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation

Exploits (1)

exploitdb WORKING POC VERIFIED

by Amit Klein · phpremotemultiple

https://www.exploit-db.com/exploits/33192

View Code ZIP pw:eip

This exploit targets a weak random number generation vulnerability in Google Chrome 3.0 Beta. It reverses the PRNG state to predict future values and infer the initial seed, leveraging the predictable nature of the Math.random() implementation.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Google Chrome 3.0 Beta

No auth needed

Prerequisites: Victim must use Google Chrome 3.0 Beta on Windows · Attacker must trick victim into executing the PHP script or visiting a malicious page

MITRE ATT&CK

T1589 - Gather Victim Identity Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026