Chrome AI panel became privilege escalator for extensions

A high-severity vulnerability (CVE-2026-0628) in Google Chrome allowed malicious browser extensions to hijack the embedded Gemini Live AI panel and inherit its elevated privileges. Because Gemini Live has deep system access — including screenshots, local file reads, and camera/microphone control — a rogue extension exploiting Show more