A high-severity CVE-2026-0628 in Chrome's Gemini allowed local file access and privacy invasion. Google quickly patched the flaw.

Unit42 is a cybersecurity research team known for its  analysis of cyber threats, malware, and cyber attack trends. Through research reports, threat intelligence briefings, and data analysis, Unit42 offers insights into emerging cyber threats and adversary tactics. Readers can learn about threat detection methodologies, vulnerability trends, and cyber attack attribution to enhance their cybersecurity posture and protect their organizations from advanced cyber threats.

Unit 42

Unit 42 researchers discovered CVE-2026-0628, a high-severity vulnerability in Chrome's Gemini Live panel that allowed malicious browser extensions to hijack the AI side panel via the declarativeNetRequest API. Because the Gemini panel runs with elevated browser-level privileges, an attacker could exploit this to access the victim's camera and microphone without consent, read local files and directories, take screenshots of HTTPS tabs, and conduct phishing attacks — all requiring only a single user click to open Gemini. The key flaw was that Chrome failed to distinguish between the Gemini web app loaded in a normal tab (low privilege) versus loaded inside the privileged browser panel (high privilege), allowing extension-injected JavaScript to inherit those elevated capabilities. Google was notified in October 2025 and patched the issue in early January 2026.

Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel

Fusing AI Into the Browser: Security Hazards

Extensions Security: Understanding the Threat Model

The Vulnerability in Gemini Live in Chrome

Privilege Escalation: Camera, Files, Screenshots and More

Risk Averted: How Could This Have Turned Out?