EIP-2026-118277

PRE-CVE

Apple Safari 5.1.5 For Windows - 'window.open()' URI Spoofing

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118277. PoCs published by Lostmon.

AI-analyzed exploit summary This is a functional proof-of-concept for a URI-spoofing vulnerability in Apple Safari for Windows prior to version 5.1.5. The exploit uses JavaScript to manipulate the `window.open()` function and document writing to spoof the displayed URL, potentially tricking users into trusting a malicious site.

Description

Apple Safari 5.1.5 For Windows - 'window.open()' URI Spoofing

Exploits (1)

exploitdb WORKING POC VERIFIED

by Lostmon · htmlremotewindows

https://www.exploit-db.com/exploits/37020

View Code ZIP pw:eip

This is a functional proof-of-concept for a URI-spoofing vulnerability in Apple Safari for Windows prior to version 5.1.5. The exploit uses JavaScript to manipulate the `window.open()` function and document writing to spoof the displayed URL, potentially tricking users into trusting a malicious site.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Apple Safari for Windows < 5.1.5

No auth needed

Prerequisites: User interaction (clicking a link or visiting a malicious page)

MITRE ATT&CK

T1036 - Masquerading

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026