Skip to main content
Meet us at Black Hat USA 2026— Las Vegas, August 1–6Book a Meeting
Mallory
HighPublic exploit

Type Confusion in Google Chrome Turbofan

IdentifiersCVE-2026-6307CWE-843· Access of Resource Using…

CVE-2026-6307 is a high-severity type confusion vulnerability in Google Chrome's Turbofan optimizing JIT compiler in V8. It affects Chrome versions prior to 147.0.7727.101 and can be triggered by a remote attacker via a crafted HTML page. Supporting context indicates the flaw arises when Turbofan's speculative type assumptions are violated at runtime but deoptimization does not occur as expected, causing optimized machine code to operate on objects using an incorrect type layout. This type-layout mismatch can lead to controlled memory corruption and arbitrary code execution within the renderer process, constrained by Chrome's sandbox.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows arbitrary code execution inside Chrome's renderer sandbox. Although execution is sandboxed, an attacker may still gain access to sensitive browser-context data available to the compromised renderer, including rendered content, cookies, session tokens, and potentially credentials or other data exposed to that process. The vulnerability can also serve as the initial stage in a multi-bug exploit chain; if combined with a separate sandbox escape, it could contribute to full system compromise.

Mitigation

If you can’t patch tonight, do this now.

Apply vendor updates as soon as available and verify deployed browser versions rather than relying solely on staged auto-update rollout. Until patching is complete, reduce exposure to untrusted web content, especially links, redirects, malvertising, phishing pages, and compromised sites that could deliver crafted HTML. Enterprise defenders should prioritize patch validation across Chrome and Chromium-based browser fleets because this bug can provide renderer-level code execution with only webpage visitation.

Remediation

Patch, then assume compromise.

Upgrade Google Chrome to version 147.0.7727.101 or later. Supporting context indicates fixed builds were released on April 15, 2026, including 147.0.7727.101 for Linux and Android, and 147.0.7727.101/102 for Windows and macOS. Downstream Chromium-based browsers should also be updated once they incorporate the upstream Chromium fix.
PUBLIC EXPLOITS

Exploits

2 valid exploits after Mallory filtered fakes, detection scripts, and README-only repos.

VALID 2 / 2 TOTALView more in app
CVE-2026-6307-LonginusMaturityPoCVerified exploit

Repository contains a real exploit PoC for CVE-2026-6307 ('Longinus'), a V8 TurboFan type-confusion bug involving JS-to-Wasm call inlining and incorrect FrameState merging. The main exploit is poc.js, which builds a WebAssembly module with mismatched externref/i64 return paths and uses V8 optimization/deoptimization intrinsics (%PrepareFunctionForOptimization and %OptimizeFunctionOnNextCall) to obtain two core exploitation primitives: addrof and fakeobj. The script then demonstrates object identity recovery and a conceptual ArrayBuffer-based arbitrary memory access path, but stops short of full renderer RCE or sandbox escape implementation. Repository structure: README.md documents the vulnerability, setup, and expected behavior; poc.js is the core exploit; gen.py is a Python generator that emits polymorphic/obfuscated JavaScript variants with anti-debug logic and labels for reverse_tcp/bind_tcp/stager modes, though these modes only print messages and do not implement real network shells; val.py is a validator that generates an obfuscated test payload and either runs it locally through d8 or POSTs it to a user-supplied remote execution endpoint to determine whether the target appears vulnerable; cve-2026-6307_d8_execution.yml is a Sigma-style detection rule for d8 execution with the required flags; cve-2026-6307_longinus_poc.yar is a YARA rule matching characteristic strings from the PoC. Capabilities: browser/web attack via malicious JavaScript against vulnerable Chrome/V8, local d8-based proof-of-concept execution, primitive generation for arbitrary address leak and fake object creation, obfuscated payload generation, and vulnerability validation. Notable endpoints are mostly references and local execution artifacts; the only dynamic network target is the arbitrary remote URL passed to val.py in remote mode, which receives JSON containing the generated script.

J4ck3LSyN-Gen2Disclosed Jul 1, 2026markdownyamlbrowserwebnetwork
CVE-2026-6307MaturityPoCVerified exploit

Repository is a real exploit research PoC for CVE-2026-6307, a V8 JS-to-Wasm type confusion affecting Chrome 146. It is not a framework module; it is a standalone lab repository with 13 files split into two main tracks: flag-free browser primitives and a deterministic no-ASLR renderer RCE demo. Structure: - README.md documents the vulnerability, tested versions, reliability, and execution steps. - flag-free/ contains four HTML PoCs that work without --allow-natives-syntax. These progressively demonstrate: (00) reachability of the confused deopt state, (01) addrof/fakeobj primitives, (02) a confused out-of-cage store landing in a chosen object field, and (03) in-cage arbitrary read/write via a forged PACKED_DOUBLE array. - rce-no-aslr/ contains two main exploit HTML files plus helper shell scripts. exploit-calc.html and exploit-exit.html use V8 natives syntax and a no-ASLR lab setup to convert the primitive into visible renderer RCE. run.sh automates local hosting and Chrome launch modes; demo.sh adds cleanup/retry logic; pocmode.sh switches the benign payload target; xcalc-msgbox.sh replaces xcalc with an xmessage banner. Main exploit capabilities: 1. Browser-side trigger of the vulnerable JS-to-Wasm deoptimization confusion. 2. Runtime address disclosure and object materialization primitives (addrof/fakeobj). 3. Arbitrary object field overwrite / confused store. 4. In-cage arbitrary 64-bit read/write by forging JSArray/FixedDoubleArray metadata. 5. JIT code patching in a deterministic lab environment. 6. Renderer code execution with benign shellcode payloads. The exploit is clearly intended for local reproduction and defensive research, but it is still operational exploit code. The RCE chain depends on weakened browser protections and deterministic addressing rather than being broadly weaponized. It serves exploit pages over a local Python HTTP server on 127.0.0.1:8080 and targets a locally launched vulnerable Chrome instance. The payloads are benign but genuine: execve('/usr/bin/xcalc'), exit(66), or an infinite jump loop for debugger validation.

0xshaDisclosed Jul 1, 2026javascripthtmlbrowserweblocal
EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
GoogleChromeapplication

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity12

Community discussion across Reddit, Mastodon, and other social sources.