Developer Aldo Vargas has released a significant update for the PS5 UMTX Jailbreak exploit , originally developed by Idlesauce and based on @shahrilnet and @n0llptr ‘s LUA implementation .

This new release integrates the latest payloads and components developed by leading figures in the homebrew scene: it includes updated payload daemons from John Tornblom , kstuff 1.3 and byepervisor from EchoStretch .

https://platform.twitter.com/embed/Tweet.html?creatorScreenName=Checcolin80&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1910775280563519697&lang=it&origin=https%3A%2F%2Fwww.biteyourconsole.net%2F2025%2F04%2F12%2Fscena-ps5-nuovo-aggiornamento-per-ps5-umtx-jailbreak-lexploit-sfrutta-una-vulnerabilita-di-tipo-use-after-free-uaf-nel-sistema-operativo-della-console-playstation-5%2F&sessionId=ecc3e91c0d1fdcc06c29f91f9d0af3c3ea0e8526&siteScreenName=BiteYourConsole&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px

It also integrates the latest 2.0b version of etaHEN from LightningMods and an updated version of ps5debug from @GoldHEN .

Despite the updates, the technical structure of the exploit remains unchanged and is based on a use-after-free vulnerability within the PS5 browser’s WebKit engine.

This type of bug arises from incorrect handling of JavaScript or DOM objects: when a specially crafted web page frees an object but keeps a reference to it, it opens up the possibility of manipulating memory and overwriting sensitive data.

In the specific case of UMTX2 , the flaw is exploited in combination with communication mechanisms such as IPv6 pipes and sockets, thus gaining stable access to the console kernel.

However, the effectiveness of the exploit stops at firmwares up to version 5.50. Sony has in fact implemented countermeasures both in the memory manager and in the heap structure in subsequent firmwares, effectively neutralizing the vulnerability.

Additionally, while WebKit has fixed the bug in newer versions, the PS5’s built-in browser does not receive independent updates, making the exploit still valid on unpatched systems.

However, it is important to point out that using this technique can cause instability and crashes of the console, as well as violating the terms of use imposed by Sony .

Main features

Compatibility : Supports PS5 firmware versions 1.00 to 5.50 .
Payload Menu : Includes an interface for managing payloads.
PSFree 150b : Uses version 150b of the PSFree exploit, developed by abc .
ELF Loader : Automatically loads @john -tornblom ‘s ELF loader.
Backward Payload Compatibility : Includes the ELF 9020 loader to support older payloads (not available in Webkit-only mode).
Webkit-only mode : Provides a mode to send payloads and clear application caches via Webkit.