Zen's glance and split-view context-menu actions — "Open link in glance" and "Split link in new tab" — load a page-controlled link URL with the System principal instead of the originating page's principal. A malicious web page can place a link to a file:// URL (which a web origin is normally forbidden to load); if the user opens that link via either context-menu item, it loads with System privileges, bypassing the content→file: security check that blocks an ordinary click. Exploitation requires a user gesture (right-click → menu item). javascript: and chrome:// targets did not load on this path in testing, and the loaded file:// document is cross-origin to the attacker page, so this is a privilege/principal-escalation that exposes local files, not code execution or silent file theft. Severity: Medium (CWE-266), the same defect class as CVE-2026-44658.
Zen's glance and split-view context-menu actions — "Open link in glance" and "Split link in new tab" — load a page-controlled link URL with the System principal instead of the originating page's principal. A malicious web page can place a link to a
file://URL (which a web origin is normally forbidden to load); if the user opens that link via either context-menu item, it loads with System privileges, bypassing the content→file:security check that blocks an ordinary click. Exploitation requires a user gesture (right-click → menu item).javascript:andchrome://targets did not load on this path in testing, and the loadedfile://document is cross-origin to the attacker page, so this is a privilege/principal-escalation that exposes local files, not code execution or silent file theft. Severity: Medium (CWE-266), the same defect class as CVE-2026-44658.