According to the seller, when opened in a browser, the PDF file executes JavaScript commands, escapes the Chromium sandbox, and downloads and runs arbitrary EXE files on the system. The file is delivered as a regular PDF, without using archives. The method does not work in Adobe Reader, Foxit, or other dedicated PDF viewers.

Vulnerability type: 1click RCE
Target software: Chromium‑based browsers (Chrome, Edge, Brave, Opera)
Affected versions: v80 – v127

💬 Discuss

Sale of a PDF exploit for Chromium-based browsers