Chrome Gemini panel became privilege escalator for rogue extensions
theregister.co.uk

Security boffins have discovered a high-severity bug in Google Chrome that allowed malicious extensions to hijack its Gemini Live AI panel and inherit privileges they were never meant to have.
The flaw, tracked as CVE-2026-0628, was uncovered by researchers at Palo Alto Networks' Unit 42 who found that rogue Chrome extensions could manipulate how the browser handled requests to the embedded Gemini Live side panel. By exploiting the way Chrome handles extension network rules, a malicious add-on with fairly standard permissions could intercept and tamper with traffic headed for the Gemini panel, slipping its own JavaScript into a far more trusted part of the browser.
Gemini Live, built into Chrome as an interactive AI panel, isn't just a chatbot bolted onto a tab. It's tightly integrated into the browser to grab screenshots, read local files, and turn on your camera or microphone when asked. That's handy if ...

