Ori Nimron
As promised - full blog post is live for CVE-2026-40369 Covers everything: initial research, methodology, the exploitation path, caveats, cleanups, etc. The whole journey from finding it to production-grade exploit: https://pwn2nimron.com/blog
Ori Nimron
@M4x_1997 4/4: Last but not least CVE-2026-40369 - Windows Kernel Arbitrary Increment primitive reachable from any browser sandbox renderer process This one was rejected from Pwn2Own and closed anyway yesterday :( My exploit is here - blogpost will be soon: https://github.com/orinimron123/CVE-2026-40369-EXPLOIT
