Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel
ID: 5041aee0-ac03-5e75-bea4-dbe2304e58b8
STIX ID: report--5041aee0-ac03-5e75-bea4-dbe2304e58b8
Feed Name: Palo Alto Networks Unit 42
Threat Score
Unit 42 disclosed CVE-2026-0628, a high-severity flaw in Chrome’s Gemini Live panel that could let a malicious extension inject code into the privileged Gemini component, enabling access to camera/microphone, screenshots, and local files; the issue was reported to Google and patched in early January 2026.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.