www.malwarebytes.com 3/3/2026, 12:34:42 PM

Chrome Gemini side panel CVE-2026-0628 exposes extension abuse

CyberSIXT Evidence Panel
CVE Intel
CISA KEV: Not in KEV
Patch: Patch Available
Threat Actor: not listed

The Chrome flaw, tracked as CVE-2026-0628, allowed a low-privilege extension to inject code into Gemini’s side panel and inherit its powerful capabilities, including local file access, screenshots, and camera and microphone control. The vulnerability affected Chrome’s Gemini “Live in Chrome” panel, which runs the Gemini web app in a privileged side panel that can see on-screen content and perform sensitive actions.

Researchers found that an extension using the declarativeNetRequest API could tamper with traffic to gemini.google[.]com/app when loaded inside this side panel, not just in a normal tab. The flaw was patched in a January update, with Google shipping fixes in early January 2026, so current versions are not vulnerable.
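As a defender-side illustration of the mechanism just described (an added example, not code from the Malwarebytes or CyberSIXT write-up): this Python audit reads an extension's manifest and its static declarativeNetRequest rulesets and flags any rule whose condition can match Gemini's origin, or that constrains no URL or domain at all and so applies to the side panel as well. The field names follow Chrome's manifest V3 declarativeNetRequest schema; SENSITIVE_HOSTS, the function names and the sample manifest and rules are this example's own constructions.

```python
import json
import re
from pathlib import Path

# Origin the Gemini side panel loads (from the article); rules scoped to it deserve review.
SENSITIVE_HOSTS = ("gemini.google.com",)
DNR_PERMISSIONS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess"}

def rule_scope(rule, hosts=SENSITIVE_HOSTS):
    """'targeted' if the condition names a sensitive host, 'catch-all' if it constrains nothing, else None."""
    cond = rule.get("condition", {})
    url_filter, regex_filter = cond.get("urlFilter", ""), cond.get("regexFilter", "")
    domains = cond.get("requestDomains", []) + cond.get("initiatorDomains", [])
    if not (url_filter or regex_filter or domains):
        return "catch-all"  # no URL/domain constraint: matches Gemini traffic too
    for host in hosts:
        if host in url_filter or host in domains:
            return "targeted"
        try:  # a regexFilter that matches a URL on the host counts as well
            if regex_filter and re.search(regex_filter, f"https://{host}/app"):
                return "targeted"
        except re.error:
            return "targeted"  # unparseable pattern: flag rather than ignore
    return None

def audit_extension(manifest, rulesets):
    """Summarise DNR exposure; `rulesets` maps ruleset id -> list of rule dicts."""
    perms = sorted(set(manifest.get("permissions", [])) & DNR_PERMISSIONS)
    findings = {"name": manifest.get("name", "?"), "dnr_permissions": perms,
                "targeted": [], "catch_all": []}
    for rs_id, rules in rulesets.items():
        for rule in rules:
            scope = rule_scope(rule)
            if scope:
                findings[scope.replace("-", "_")].append((rs_id, rule.get("id")))
    return findings

def load_extension(ext_dir: Path):
    """Audit an unpacked extension directory: manifest.json plus the static rulesets it declares."""
    manifest = json.loads((ext_dir / "manifest.json").read_text())
    rulesets = {r["id"]: json.loads((ext_dir / r["path"]).read_text())
                for r in manifest.get("declarative_net_request", {}).get("rule_resources", [])}
    return audit_extension(manifest, rulesets)

# Constructed sample (not a real extension): one ordinary ad-block rule, one scoped to Gemini.
SAMPLE_MANIFEST = {"name": "sample-ext", "permissions": ["declarativeNetRequest"]}
SAMPLE_RULES = {"rs1": [
    {"id": 1, "action": {"type": "block"}, "condition": {"urlFilter": "||ads.example"}},
    {"id": 2, "action": {"type": "modifyHeaders"},
     "condition": {"urlFilter": "||gemini.google.com/app", "resourceTypes": ["main_frame", "sub_frame"]}}]}
```

Point load_extension at an unpacked extension directory (Chrome keeps installed ones under the profile's Extensions folder, one subdirectory per extension id and version) to run the same check against a real install.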

The broader takeaway is that agentic browsers, such as Gemini in Chrome, embed AI side panels that can autonomously execute multi-step actions and access sensitive data, underscoring the need to install as few extensions as possible and to monitor for unusual Gemini-related activity.

3 March 2026


Article by CyberSIXT