EIP-2026-103913

PRE-CVE

Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103913. PoCs published by Google Security Research.

AI-analyzed exploit summary This is a detailed technical analysis of a type confusion vulnerability in V8's JSPromise implementation, specifically in TriggerPromiseReactions. It explains how the vulnerability can be triggered via ReadableStream API manipulation and microtasks, leading to potential exploitation.

Description

Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · htmlremotemultiple

https://www.exploit-db.com/exploits/46654

View Code ZIP pw:eip

This is a detailed technical analysis of a type confusion vulnerability in V8's JSPromise implementation, specifically in TriggerPromiseReactions. It explains how the vulnerability can be triggered via ReadableStream API manipulation and microtasks, leading to potential exploitation.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Complex

Reliability

Theoretical

Target: Chromium V8 Engine (versions affected by the described vulnerability)

No auth needed

Prerequisites: Access to a vulnerable version of Chromium/V8 · Ability to execute JavaScript in the target environment

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026