EIP-2026-118999
PRE-CVEOpera 9.61 - 'opera:historysearch' Code Execution
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-118999. PoCs published by Aviv Raff.
AI-analyzed exploit summary This exploit leverages a cross-site scripting (XSS) vulnerability in Opera browser's history search functionality. It uses an obfuscated JavaScript payload to create a malicious script element that loads an external resource from a remote server.
Description
Opera 9.61 - 'opera:historysearch' Code Execution
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Aviv Raff · htmlremotewindows
https://www.exploit-db.com/exploits/6880
This exploit leverages a cross-site scripting (XSS) vulnerability in Opera browser's history search functionality. It uses an obfuscated JavaScript payload to create a malicious script element that loads an external resource from a remote server.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Opera browser (version not specified)
No auth needed
Prerequisites:
Victim must be using a vulnerable version of Opera browser · Victim must interact with the malicious link or page
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026