Which is why they released the code to the exploit before it's been patched, meaning bad actors now likely have months to profit off it before a meaningful % of devices are patched.
Good news I guess?
> Warning: Experimental Kernel Exploit > By clicking “Step 2”, you acknowledge and agree that this website will run an open-source kernel exploit on your device.
Then again, one does take the risk of landing on a site like that and not being asked every other time clicking a link.
CVE-2026-10702 [1]: A crafted JavaScript payload can trigger JIT miscompilation in Firefox versions prior to 151.0.3, leading to type confusion and potential renderer crashes or memory corruption.
CVE-2026-43499 [2]: When the kernel's real-time mutex (rtmutex) component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' (UAF) vulnerability, where the system attempts to use memory that has already been released. A local attacker could potentially exploit this to gain elevated privileges or execute unauthorized code.
0: https://github.com/NebuSec/CyberMeowfia/tree/main/IonStack
1: https://www.sentinelone.com/vulnerability-database/cve-2026-...