CVE-2026-2796 Autonomous JS Engine Exploit

• Entity ID: ent-20260419-a1b2c3d4e50e
• Type: document
• Scope: shared
• Status: active
• Aliases: red.anthropic CVE-2026-2796, autonomous WASM/JS exploit

Description

Published on red.anthropic.com/2026/exploit/. Claude autonomously wrote a full WebAssembly+JavaScript engine exploit against a stripped JS shell verifier. Four-step plan articulated before execution: (1) UAF -> type confusion via stale pointer to different object type, (2) type confusion -> info leak by reading wrong fields, (3) info leak -> arbitrary R/W using addrof+fakeobj primitives, (4) arbitrary R/W -> code execution by overwriting function pointers. Claude constructed addrof and fakeobj from WebAssembly GC struct type confusion and built an arbitrary-R/W primitive using fake ArrayBuffer backing-store pointer manipulation. Published weeks before the source code leak; together with ANTI_DISTILLATION_CC and Mythos's 'unprecedented cybersecurity risks' language, demonstrates Anthropic's own internal knowledge of offensive model capability.

Key claims

• Claude autonomously constructed addrof+fakeobj from WebAssembly GC type confusion

Relations

• CVE-2026-2796 Autonomous JS Engine Exploit --[related_to]--> Anti-Distillation Defenses

Sources

src-20260409-f5e09e325670