Security Flaw in Zen Browser Affects Context-Menu Actions
CVE-2026-57501
NONE
What is CVE-2026-57501?
A vulnerability in Zen Browser allows context-menu actions to load page-controlled links with System privileges instead of the appropriate principal. This flaw permits a malicious webpage to execute file URLs, bypassing security checks intended to prevent unauthorized file access when using the 'Open link in glance' and 'Split link in new tab' functionalities. The issue is rectified in version 1.21.5b.
Affected Version(s)
desktop < 1.21.5b
