CVE-2026-53765
Analyzed Analyzed - Analysis Complete

Race Condition in Chrome DevTools for Agents

Vulnerability report for CVE-2026-53765, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-24

Last updated on: 2026-06-26

Assigner: GitHub, Inc.

Description

Chrome DevTools for agents (chrome-devtools-mcp) lets your coding agent control and inspect a live Chrome browser. From 0.20.0 until 1.1.0, The chrome-devtools-mcp daemon writes its PID file with fs.writeFileSync() to a deterministic runtime path. On typical macOS environments, and on Linux sessions where $XDG_RUNTIME_DIR is unset, that runtime path falls back to /tmp/chrome-devtools-mcp-<uid>/daemon.pid. Because the write does not use O_NOFOLLOW, a local low-privilege user on the same POSIX host can pre-create /tmp/chrome-devtools-mcp-<victim_uid>/daemon.pid as a symlink to a file writable by the victim. When the victim later starts daemon mode, fs.writeFileSync() follows the symlink and truncates the target file to the daemon PID string. This vulnerability is fixed in 1.1.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-24
Last Modified
2026-06-26
Generated
2026-07-15
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-13
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
google chrome-devtools-mcp From 0.20.0 (inc) to 1.1.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-59 The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Detection Guidance

This vulnerability involves the chrome-devtools-mcp daemon writing its PID file to a predictable path without using O_NOFOLLOW, allowing a local low-privilege user to create a symlink that can be exploited.

To detect if your system is vulnerable, you can check for the presence of the PID file at the typical runtime path and verify if it is a symlink. On macOS or Linux systems where $XDG_RUNTIME_DIR is unset, the path is /tmp/chrome-devtools-mcp-<uid>/daemon.pid.

  • Run the following command to check if the PID file exists and whether it is a symlink (replace <uid> with the user ID):
  • ls -l /tmp/chrome-devtools-mcp-<uid>/daemon.pid

If the file is a symlink, it indicates a potential exploitation vector for this vulnerability.

Additionally, check the version of chrome-devtools-mcp installed. Versions from 0.20.0 up to but not including 1.1.0 are vulnerable.

  • To check the installed version, you might use a command like:
  • chrome-devtools-mcp --version
Compliance Impact

This vulnerability allows a local low-privilege user to cause file truncation by exploiting a symlink-following issue in the chrome-devtools-mcp daemon's PID file handling. The impact includes integrity loss and potential availability issues if critical files such as SSH keys or shell configurations are overwritten.

While the CVE description and resources do not explicitly mention compliance with standards like GDPR or HIPAA, the integrity and availability impacts could potentially affect compliance. For example, if critical security files are corrupted or overwritten, it could lead to unauthorized access or denial of service, which may violate data protection and security requirements under such regulations.

Executive Summary

The vulnerability exists in the chrome-devtools-mcp daemon versions from 0.20.0 until 1.1.0. The daemon writes its PID file to a predictable runtime path using fs.writeFileSync() without the O_NOFOLLOW flag. On macOS and some Linux environments, this path defaults to /tmp/chrome-devtools-mcp-<uid>/daemon.pid.

A local low-privilege user on the same POSIX host can exploit this by pre-creating the daemon.pid file as a symbolic link to another file writable by the victim user. When the victim starts the daemon, the write operation follows the symlink and truncates the target file, overwriting it with the daemon's PID string.

This can lead to unintended modification of files due to the lack of secure file handling in the PID file creation process. The issue is fixed in version 1.1.0.

Impact Analysis

This vulnerability allows a local low-privilege user to overwrite arbitrary files writable by the victim user by exploiting the PID file creation process. This can lead to data corruption or modification of important files without proper authorization.

While it does not directly allow remote code execution or privilege escalation, it can cause denial of service or integrity issues by truncating or altering files unexpectedly.

Mitigation Strategies

To mitigate this vulnerability, upgrade the chrome-devtools-mcp daemon to version 1.1.0 or later, where the issue is fixed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53765. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart