{"uuid": "c753522f-afc1-4452-8c8b-0efd9087b452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6307", "type": "seen", "source": "https://t.me/brutsecurity/2777", "content": "\ud83d\udd25 Chrome RCE PoC: CVE-2026-6307\n\nA working renderer RCE Proof of Concept for CVE-2026-6307 \u2014 a V8 type-confusion bug (JS-to-Wasm deoptimization) patched in Chrome 147.0.7727.101.\n\n\u2705 Full primitives (addrof/fakeobj, out-of-cage, in-cage r/w)  \n\u2705 No-ASLR RCE that patches JIT code to pop xcalc  \n\u2705 Based on Nebula Security writeup  \n\u2705 Heavily improved with frontier LLMs + human direction (4-day experiment)\n\nThis is renderer-only and still far from fully weaponized, but great for learning and research.\n\n\ud83d\udce5 PoC + scripts:  \nhttps://github.com/0xsha/CVE-2026-6307\n\n#Chrome #V8 #Exploit #CVE #SecurityResearch", "creation_timestamp": "2026-07-09T03:00:04.592434Z"}