EIP-2026-104020

PRE-CVE

Opera Web Browser 7 - IFRAME Zone Restriction Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104020. PoCs published by Mindwarper.

AI-analyzed exploit summary The exploit demonstrates a vulnerability in Opera web browser's handling of malformed HTML iframes pointing to local system locations, potentially allowing access to the user's filesystem within the Local Zone. The provided iframe code attempts to exploit this by referencing a local file path.

Description

Opera Web Browser 7 - IFRAME Zone Restriction Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by Mindwarper · textremotemultiple

https://www.exploit-db.com/exploits/23291

View Code ZIP pw:eip

The exploit demonstrates a vulnerability in Opera web browser's handling of malformed HTML iframes pointing to local system locations, potentially allowing access to the user's filesystem within the Local Zone. The provided iframe code attempts to exploit this by referencing a local file path.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Opera web browser (version not specified)

No auth needed

Prerequisites: User interaction to load the malicious HTML content in Opera browser

MITRE ATT&CK

T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026