unit42.paloaltonetworks.com 3/2/2026, 11:08:55 AM

Chrome Gemini CVE-2026-0628 lets extensions hijack the panel

CVE Intel: CISA KEV status: Not in KEV. Patch status: Patch Available.

"Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel" reports a high-severity flaw in Google's Gemini feature for Chrome that allowed malicious extensions holding only basic permissions to hijack the Gemini Live in Chrome panel. According to Unit 42, the vulnerability, CVE-2026-0628, could let an extension inject JavaScript into the Gemini panel, gaining access to the user's local files, camera and microphone, and the ability to take screenshots.

The researchers detail that the attack hinges on the declarativeNetRequest API, which normally can intercept HTTPS requests; when used against the Gemini app running inside the browser panel, it could operate with deeper privileges. In their disclosure to Google, they note that Google was able to reproduce the exploit on 23 October 2025 and issued a fix in early January 2026.
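Because the summary ties the attack to extensions that request the declarativeNetRequest family of permissions, a defender's first step is to inventory which installed extensions actually hold them. The script below is an added example written for this page, not code from Unit 42, Palo Alto Networks or CyberSIXT. It walks a Chrome profile's Extensions directory, parses each manifest.json and flags extensions that request any declarativeNetRequest permission together with broad host access. The Linux profile path is an assumption (adjust it for other platforms), and the three sample manifests embedded at the end are constructed for illustration rather than taken from real extensions.

```python
"""Inventory Chrome extensions that request declarativeNetRequest permissions.

Added example (not Unit 42's or CyberSIXT's code). The permission strings
come from the Chrome extensions manifest documentation; the default profile
path below is an assumed Linux location, and SAMPLE_MANIFESTS are constructed.
"""
import json
from pathlib import Path

# Manifest permission strings that grant the declarativeNetRequest API.
DNR_PERMISSIONS = {
    "declarativeNetRequest",
    "declarativeNetRequestWithHostAccess",
    "declarativeNetRequestFeedback",
}

# Host patterns that cover every origin, which makes request rewriting
# reachable for any site, including a browser-hosted AI panel.
BROAD_HOST_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def audit_manifest(manifest: dict) -> dict:
    """Summarise one parsed manifest.json as a finding dict."""
    perms = set(manifest.get("permissions", []))
    perms |= set(manifest.get("optional_permissions", []))
    dnr = sorted(perms & DNR_PERMISSIONS)

    # MV3 keeps host patterns in host_permissions; MV2 mixes them into permissions.
    hosts = list(manifest.get("host_permissions", []))
    hosts += [p for p in perms if "://" in p or p == "<all_urls>"]

    return {
        "name": manifest.get("name", "<unnamed>"),
        "version": manifest.get("version", "?"),
        "manifest_version": manifest.get("manifest_version"),
        "dnr_permissions": dnr,
        "host_permissions": sorted(set(hosts)),
        "uses_dnr": bool(dnr),
        "broad_hosts": any(h in BROAD_HOST_PATTERNS for h in hosts),
    }


def audit_profile(extensions_dir) -> list:
    """Audit every <id>/<version>/manifest.json under a Chrome Extensions dir.

    Returns an empty list when the directory does not exist, so the caller can
    fall back to another data source instead of crashing.
    """
    findings = []
    root = Path(extensions_dir)
    if not root.is_dir():
        return findings
    for manifest_path in sorted(root.glob("*/*/manifest.json")):
        try:
            with open(manifest_path, encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, do not abort the audit
        finding = audit_manifest(manifest)
        finding["extension_id"] = manifest_path.parts[-3]  # .../Extensions/<id>/<ver>/manifest.json
        findings.append(finding)
    return findings


# Constructed sample manifests for offline demonstration (not real extensions).
SAMPLE_MANIFESTS = [
    {"name": "Tab Tidy", "version": "1.0", "manifest_version": 3,
     "permissions": ["storage", "tabs"]},
    {"name": "Request Rewriter", "version": "2.3", "manifest_version": 3,
     "permissions": ["declarativeNetRequestWithHostAccess"],
     "host_permissions": ["<all_urls>"]},
    {"name": "Legacy Blocker", "version": "0.9", "manifest_version": 2,
     "permissions": ["declarativeNetRequest", "https://*/*"]},
]


def flagged_names(manifests=SAMPLE_MANIFESTS) -> list:
    """Names of extensions in `manifests` that hold any declarativeNetRequest permission."""
    return [f["name"] for f in map(audit_manifest, manifests) if f["uses_dnr"]]


if __name__ == "__main__":
    # Assumed Linux profile location; Windows and macOS use different paths.
    default_dir = Path.home() / ".config" / "google-chrome" / "Default" / "Extensions"
    results = audit_profile(default_dir) or [audit_manifest(m) for m in SAMPLE_MANIFESTS]
    for f in results:
        if f["uses_dnr"]:
            scope = "broad host access" if f["broad_hosts"] else "scoped hosts"
            print(f"{f['name']} {f['version']}: {', '.join(f['dnr_permissions'])} ({scope})")
```

The output is an inventory, not a verdict: many legitimate ad blockers hold declarativeNetRequest with broad host access. Its value is in pairing the list with the patch status above, so that unpatched browsers with such extensions installed can be prioritised, and in re-running it after the fix to confirm nothing unexpected was added.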

The article also emphasises that the threat surface expands with AI-enabled browsers, where privilege escalation and phishing become risks once a trusted browser component is manipulated by an extension. Palo Alto Networks highlights Prisma Browser and related protections as mitigations for such extension-based attacks.


Article by CyberSIXT