Researchers found a now-patched vulnerability in "Live in Chrome" that allowed a Chrome extension to inherit Gemini’s permissions.

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

A high-severity vulnerability (CVE-2026-0628) in Chrome's Gemini 'Live in Chrome' side panel allowed a low-privilege browser extension to inject JavaScript into the privileged AI panel and inherit its capabilities, including camera/microphone access, local file enumeration, screenshots, and the ability to turn the panel into a phishing UI. The flaw exploited the declarativeNetRequest API to tamper with traffic to gemini.google.com when loaded in the side panel. Google patched the issue in a January 2026 update. The broader concern is that agentic AI browsers (Gemini in Chrome, Copilot in Edge, etc.) require broad permissions that make them attractive attack targets, breaking traditional browser isolation boundaries.

Chrome flaw let extensions hijack Gemini’s camera, mic, and file access