Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft

A vulnerability in Perplexity's Comet browser exposed local files to potential theft via calendar events.

    Security professionals should be aware of this issue to ensure protection against similar exposures in the future. The vulnerability, discovered in Perplexity’s AI-powered Comet browser, allowed attackers to read local files from a victim’s machine by sending a specially crafted calendar event — no complex interaction required on the attacker’s part.

    Exploiting the Calendar Event Mechanism to Steal Files

    The flaw in the Comet browser allowed an attacker to access local files using a manipulated calendar event. Researcher Matt Kunze, who identified and reported the vulnerability, found that the browser’s handling of calendar invitations could be weaponized to trigger unauthorized file reads from the host system. This method of exploitation was relatively straightforward, making the impact of the vulnerability particularly concerning for everyday users of the browser.

    • A malicious user could schedule a calendar event directed at their target.
    • The event could be configured to execute a file extraction operation.
    • No direct user interaction was required beyond accepting the calendar invitation.

    The vulnerability was reported to Perplexity and patched last month. While no CVE number has been publicly assigned to this flaw at the time of writing, the underlying issue stemmed from the browser’s use of custom URI scheme handlers and insufficient input validation when processing event data — a class of vulnerability commonly seen in Electron-based desktop applications.
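    The root cause named above, a custom URI scheme handler fed unvalidated event data, is a pattern a defender can close off at the point where an event's links are handed to the handler. The code below is an added example written for this article, not Comet's own code or a reconstruction of the patch; it assumes a hypothetical Electron-style app that only ever needs to open `https:` links to one allowlisted calendar host, and it rejects local-file schemes, double-encoded input, embedded credentials and traversal before anything reaches a file or protocol handler.

```javascript
// Added example (hypothetical app, not Comet's code): validate links found in
// calendar event fields before an Electron-style app passes them to a protocol
// handler. Assumption: only https links to an allowlisted host are legitimate.

const ALLOWED_SCHEMES = new Set(["https:"]);
const ALLOWED_HOSTS = new Set(["calendar.example.com"]); // constructed allowlist
const MAX_DECODE_ROUNDS = 3;

// Decode percent-encoding repeatedly so double-encoded input such as
// "%252e%252e" cannot slip past a single-pass check.
function fullyDecode(s) {
  let prev = s;
  for (let i = 0; i < MAX_DECODE_ROUNDS; i++) {
    let next;
    try { next = decodeURIComponent(prev); } catch { return null; }
    if (next === prev) return next;
    prev = next;
  }
  return null; // still changing after the round limit: treat as hostile input
}

function validateEventLink(raw) {
  if (typeof raw !== "string" || raw.length > 2048) return { ok: false, reason: "size" };
  const decoded = fullyDecode(raw.trim());
  if (decoded === null) return { ok: false, reason: "encoding" };
  let url;
  try { url = new URL(decoded); } catch { return { ok: false, reason: "unparseable" }; }
  if (!ALLOWED_SCHEMES.has(url.protocol)) return { ok: false, reason: "scheme:" + url.protocol };
  if (!ALLOWED_HOSTS.has(url.hostname)) return { ok: false, reason: "host:" + url.hostname };
  if (url.username || url.password) return { ok: false, reason: "credentials" };
  // Check the decoded string, not url.pathname: the URL parser silently
  // collapses ".." segments, which would hide the attempt from us.
  if (/\.\.([\/\\?#]|$)/.test(decoded)) return { ok: false, reason: "traversal" };
  return { ok: true, href: url.href };
}

// Run every link-bearing field of an event through the validator. The event
// shape here is constructed for the example; real invite formats differ.
function checkEvent(event) {
  const links = [event.url, event.location, ...(event.attachments || [])].filter(Boolean);
  return links.map((l) => ({ link: l, ...validateEventLink(l) }));
}

// Constructed sample invite: one legitimate link, one pointing at the local filesystem.
const sampleEvent = {
  url: "https://calendar.example.com/event/42",
  location: "file:///tmp/example.txt",
};
console.log(checkEvent(sampleEvent));
```

    Every rejection carries a `reason` string, which is what an endpoint agent would want to log when reviewing calendar activity from unknown senders.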

    The Threat Potential and What Users Should Do Now

    The ability to execute file theft through a non-interactive means such as a calendar event poses a serious threat to both individual users and organizations relying on AI-assisted browsing tools. The Comet browser, which integrates Perplexity’s AI features directly into a desktop browsing experience, represents a growing category of productivity software that may carry under-tested attack surfaces.

    • Users who accepted the malicious event unknowingly allowed access to their local files.
    • The exact window of exposure prior to the patch is still a key factor in assessing how many users may have been affected.
    • Organizations using Comet in enterprise environments should review endpoint logs for any suspicious calendar activity from unknown senders.

    Security measures worth implementing include:

    1. Keeping browser software updated to the latest patched version.
    2. Monitoring calendar invitations for unusual or unexpected entries from unknown contacts.
    3. Employing endpoint detection tools to flag attempts at unauthorized file access.
    4. Restricting calendar application permissions where possible on sensitive systems.

    This incident draws attention to the risks posed by browser-based applications that integrate productivity features without thorough security testing. As AI-powered browsers gain traction, vendors must treat each integrated feature — including something as routine as calendar syncing — as a potential attack vector. Comprehensive testing and rapid patching protocols remain the most reliable line of defense for protecting user data against this kind of exposure.
