EIP-2026-119014

PRE-CVE

Oracle Java - ByteComponentRaster.verify() Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119014. PoCs published by Packet Storm.

AI-analyzed exploit summary This advisory describes a memory corruption vulnerability in Oracle Java's ByteComponentRaster.verify() method, allowing remote code execution via boundary check bypass. The PoC is referenced externally but not included in the provided text.

Description

Oracle Java - ByteComponentRaster.verify() Memory Corruption

Exploits (1)

exploitdb WRITEUP

by Packet Storm · textremotewindows

https://www.exploit-db.com/exploits/27943

View Code ZIP pw:eip

This advisory describes a memory corruption vulnerability in Oracle Java's ByteComponentRaster.verify() method, allowing remote code execution via boundary check bypass. The PoC is referenced externally but not included in the provided text.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Oracle Java prior to 7u25

No auth needed

Prerequisites: Target must visit a malicious page or open a malicious file

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026