VYPR
researchPublished Jul 15, 2026· 1 source

AI Model GPT-5.6 Sol Ultra Independently Creates Full Chrome Exploit Chain

An advanced AI model, GPT-5.6 Sol Ultra, has successfully constructed a complete exploit chain for Google Chrome by analyzing publicly available security patch commits, demonstrating a significant acceleration in exploit development capabilities.

In a groundbreaking demonstration of artificial intelligence's offensive security potential, OpenAI's GPT-5.6 Sol Ultra model has autonomously developed a fully functional exploit chain targeting Google Chrome. Researchers from Hacktron tasked the AI with a complex challenge: to analyze security patch commits for V8, Chrome's JavaScript engine, and build an exploit from scratch. The AI was provided with the V8 source tree and a sandboxed testing environment, aiming to replicate a standard three-stage browser exploit process.

The objective involved achieving target primitives like arbitrary read/write within V8's sandbox, followed by a sandbox escape to gain native memory access outside the sandbox, and finally, achieving code execution by controlling the program counter. Out of three frontier AI models tested, including Grok 4.5 and GPT-5.6 Sol Medium, only Sol Ultra successfully completed the entire chain, culminating in the execution of a calculator program.

Sol Ultra's exploit chain began by identifying a Maglev type-confusion bug, a flaw in V8's inlined array iterator that lacked a proper map check. This initial vulnerability allowed the AI to build essential primitives for arbitrary read and write operations within the JavaScript engine. The AI then methodically escalated its privileges, forging a fake JSArray to gain read/write access to a 4GB memory cage, and subsequently expanding this to full 1TB V8 sandbox access by corrupting DataView metadata.

Further stages of the exploit involved leaking critical native process addresses. Sol Ultra achieved this by exploiting a signed-integer bug present in the String::VisitFlat function. The AI then pivoted to a use-after-free vulnerability within Wasm's background compiler, specifically in the NativeModule component, to establish a controlled native primitive. This primitive was crucial for manipulating the WebAssembly Code Pointer table, enabling the redirection of program execution.

The final stage of the exploit chain saw Sol Ultra hijacking a posix_spawnp system call. This allowed the AI to gain complete control over program execution, leading to the successful launch of the Calculator application as proof of concept. The entire process, from analyzing patches to achieving code execution, highlights the AI's sophisticated understanding of complex software vulnerabilities and exploit development techniques.

During its operation, GPT-5.6 Sol Ultra processed approximately 2.1 billion tokens and made over 14,000 requests, with an estimated cost of $1,597. The AI utilized 74 sub-agents to manage roughly 70% of the investigation, demonstrating a complex, multi-agent approach to problem-solving. Notably, the root agent maintained its strategic objective despite undergoing 33 context compactions, which each time discarded over 92% of its active context.

This development signals a potential paradigm shift in exploit development, moving it from a scarce, expertise-driven skill to a more scalable, compute-intensive process. If threat actors can leverage such AI models to weaponize patches faster than defenders can deploy them, the critical 'patch gap'—the window between vulnerability disclosure and patching—could shrink dramatically. This increases the risk associated with N-day vulnerabilities, making timely patching more crucial than ever for organizations.

The practical implications for security teams are profound. The research underscores the urgent need to accelerate patch deployment and re-evaluate the prioritization of N-day vulnerabilities. The ability of AI to rapidly generate sophisticated exploits from publicly available information poses a significant challenge to current cybersecurity defenses, necessitating a proactive and agile approach to vulnerability management.

Synthesized by Vypr AI