Perplexity Comet Exposes Local Files And 1Password
Zenity Labs security researchers found in October 2025 that Perplexity’s Comet AI browser allowed unprotected access to users’ local file systems and could be induced—via calendar-event prompt injections—to open local files and hijack unlocked 1Password extensions. Zenity disclosed the issues on October 22, 2025; Perplexity issued fixes on January 23, 2026 and a second patch on February 13, 2026, highlighting AI-browser guardrail gaps.
Key Points
- 1Showed Comet accessed file:// protocol and local files via calendar-triggered prompt injections.
- 2Demonstrated attackers could hijack unlocked 1Password extensions, enabling full account takeover.
- 3Prompted Perplexity fixes and underscored need for AI-browser guardrails and calendar-entry mitigations.
Scoring Rationale
Confirmed vendor patches and practical exploitability drive high impact; scope limited mainly to AI browsers and Comet users.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems
