EIP-2026-104568

PRE-CVE

Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104568. PoCs published by Berend-Jan Wever.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in Apple Safari by triggering an infinite JavaScript array sort operation, causing the browser to crash. The PoC consists of HTML with embedded JavaScript that continuously creates and sorts arrays, leading to resource exhaustion.

Description

Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Berend-Jan Wever · htmldososx

https://www.exploit-db.com/exploits/24780

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service vulnerability in Apple Safari by triggering an infinite JavaScript array sort operation, causing the browser to crash. The PoC consists of HTML with embedded JavaScript that continuously creates and sorts arrays, leading to resource exhaustion.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Apple Safari (version not specified)

No auth needed

Prerequisites: Victim must visit a malicious webpage

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026