Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A vulnerability in Chrome’s Gemini Live side panel could have allowed malicious extensions to inject JavaScript, hijack the AI assistant, and spy on users or exfiltrate data. Palo Alto Networks reported CVE-2026-0628, and Google patched the issue in Chrome 143 to block extensions from abusing declarativeNetRequest access to the Gemini panel.

Key points

  • Palo Alto Networks discovered CVE-2026-0628 affecting Chrome’s Gemini Live side panel.
  • Malicious extensions could inject JavaScript into the Gemini panel via declarativeNetRequest permissions.
  • Injected code could access the camera and microphone, read local files, take screenshots, and perform phishing attacks.
  • Google released fixes in Chrome 143.0.7499.192/.193 for Windows, macOS, and Linux.
  • The flaw demonstrates risks from granting AI browser components privileged access to the browsing environment.
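
A defender-side triage sketch for the points above, added here as an example and not taken from the original article, Palo Alto Networks, or Google: it flags extensions that request declarativeNetRequest-family permissions on a browser older than the fixed build 143.0.7499.192. The function names, extension IDs and sample manifests are constructed for illustration, and collecting the real manifests and Chrome version from an endpoint is assumed to happen elsewhere.

```python
import json

# Fixed build named on the page (143.0.7499.192/.193); the lower one is the floor.
FIXED_BUILD = (143, 0, 7499, 192)
# Chrome manifest permissions in the declarativeNetRequest family.
DNR_PERMISSIONS = {
    "declarativeNetRequest",
    "declarativeNetRequestWithHostAccess",
}

def is_patched(chrome_version: str) -> bool:
    """True if a dotted Chrome version is at or above the fixed build."""
    parts = tuple(int(p) for p in chrome_version.strip().split("."))
    return parts >= FIXED_BUILD

def dnr_permissions(manifest_text: str) -> set:
    """Return the declarativeNetRequest-family permissions a manifest requests."""
    manifest = json.loads(manifest_text)
    requested = set()
    for key in ("permissions", "optional_permissions"):
        requested.update(p for p in manifest.get(key, []) if isinstance(p, str))
    return requested & DNR_PERMISSIONS

def triage(chrome_version: str, manifests: dict) -> list:
    """List (extension_id, permissions) to review on an unpatched browser."""
    if is_patched(chrome_version):
        return []
    findings = []
    for ext_id, text in sorted(manifests.items()):
        hits = dnr_permissions(text)
        if hits:
            findings.append((ext_id, sorted(hits)))
    return findings

# Constructed sample inventory: IDs and manifests are made up for illustration.
SAMPLE = {
    "ext-a": json.dumps({"manifest_version": 3, "name": "A",
                         "permissions": ["storage", "declarativeNetRequest"]}),
    "ext-b": json.dumps({"manifest_version": 3, "name": "B",
                         "permissions": ["tabs"]}),
    "ext-c": json.dumps({"manifest_version": 3, "name": "C",
                         "optional_permissions": ["declarativeNetRequestWithHostAccess"]}),
}

if __name__ == "__main__":
    for ext_id, perms in triage("143.0.7499.40", SAMPLE):  # constructed old build
        print(ext_id, perms)
```

A hit is a prompt for review, not a verdict: many legitimate extensions, such as content blockers, request these permissions.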

Read More: https://www.securityweek.com/vulnerability-allowed-hijacking-chromes-gemini-live-ai-assistant/