By Markus Kasanmascheff
Publication Date: 2025-11-23 12:42:00
Perplexity has dismissed a critical Remote Code Execution (RCE) vulnerability report as “fake news,” even as researchers claim the company quietly patched the flaw this week.
Cybersecurity firm SquareX alleges that the Comet browser’s undocumented MCP API allowed attackers to bypass sandboxing and hijack devices.
This represents a significant leap in severity from the indirect prompt injection flaws reported in August. While Perplexity insists the exploit requires implausible user intervention, evidence suggests a silent update on November 20 disabled the vulnerable feature entirely.
‘Fake News’ vs. Silent Patch
SquareX researchers formally submitted the vulnerability report via Bugcrowd’s Vulnerability Disclosure Program (VDP) on November 4, 2025. Rather than following standard industry practice (acknowledging the report, verifying the findings, and crediting the researchers upon patching), Perplexity bypassed technical engagement entirely.
Fueling the controversy, the company launched a direct attack on the researchers’ credibility. Spokesperson Jesse Dwyer categorically denied the validity of the findings in a statement to TechRadar, stating that “This is SquareX’s second time presenting false security research. The first one we also proved was false.”
Perplexity’s primary defense rests on the claim that the exploit is theoretically impossible without extreme user intervention. Dwyer argued that “to replicate this, the human user…