EIP-2026-115859

PRE-CVE

Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115859. PoCs published by Berend-Jan Wever.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in Mozilla Firefox by triggering an infinite JavaScript array sort operation, causing the browser to crash. The PoC consists of HTML with embedded JavaScript that continuously creates and sorts arrays, leading to resource exhaustion.

Description

Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED
by Berend-Jan Wever · htmldoswindows
https://www.exploit-db.com/exploits/24776

This exploit demonstrates a denial-of-service vulnerability in Mozilla Firefox by triggering an infinite JavaScript array sort operation, causing the browser to crash. The PoC consists of HTML with embedded JavaScript that continuously creates and sorts arrays, leading to resource exhaustion.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Mozilla Firefox (version not specified)
No auth needed
Prerequisites: Victim must visit a malicious webpage or open the HTML file
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026