
A researcher from Hacktron demonstrated the potential for AI-powered automation of exploit creation. Using the Claude Opus model and spending just $2,283 on API tokens over the course of a week, they successfully generated a complete exploit chain targeting the V8 engine in Google Chrome.
The target of this investigation was the Discord application, which ran on an outdated version of Chromium (Chrome 138), nine versions behind the current releases. Notably, the researcher did not train the model on the V8 architecture or on specific exploitation methodologies. Instead, they acted purely as an operator: guiding the search direction, discarding ineffective pathways, and initiating subsequent rounds of exploration.
The trial involved 27 unsuccessful attempts, 1,765 prompts, and approximately 2.3 billion tokens processed before the model finally generated a functional exploit chain. This chain leveraged the vulnerability identified as CVE-2026-5873, an optimization flaw in the Turboshaft compiler that permitted arbitrary memory access. To escape the V8 sandbox, the chain also incorporated a separate use-after-free vulnerability in the WasmCodePointerTable component, ultimately leading to arbitrary code execution.
Significantly, the vulnerability was discovered in Chrome 146, which is integrated into Anthropic’s own desktop application. The researcher estimates the likelihood of constructing a comparable exploit chain against Claude Desktop, at comparable expenditure, to be as high as 60%, although full system compromise would require an additional vulnerability outside the sandbox environment.
The expenditure of approximately $2.3 thousand aligns closely with the lower threshold for bug bounty awards; for instance, Google often offers around $10,000 for reported issues through its specific programs. On secondary, unregulated markets, the price of such functional exploits can substantially exceed this figure.