
Critical Google Chrome Flaw Enabled Malicious Extensions to Hijack Gemini AI Panel


A serious security vulnerability in Google Chrome has been patched after researchers revealed it could allow malicious browser extensions to escalate privileges and access sensitive system resources, including local files, cameras, and microphones.

The flaw, tracked as CVE-2026-0628, carries a CVSS score of 8.8 (High). Google fixed it in early January 2026 in Chrome 143.0.7499.192/.193 for Windows and macOS and 143.0.7499.192 for Linux.


Vulnerability Linked to Chrome’s WebView and Gemini Integration

According to the U.S. National Vulnerability Database, the root cause was insufficient policy enforcement in Chrome's WebView component: if a user installed a specially crafted extension, that extension could inject scripts into a privileged browser page, one that ordinary web content and ordinary extensions are never meant to touch.

The vulnerability was discovered by security researcher Gal Weizman of Palo Alto Networks Unit 42 and responsibly disclosed on November 23, 2025.

Researchers found that the flaw allowed a rogue extension with only minimal declared permissions (it still needed the declarativeNetRequest permission used in the attack described below) to compromise Chrome's integrated AI feature, the Gemini Live panel. Google introduced Gemini integration into Chrome in September 2025, embedding an AI-powered assistant directly into the browser interface.


How the Attack Worked

If successfully exploited, the vulnerability could enable attackers to:

  • Access a victim’s camera and microphone
  • Capture screenshots of active web pages
  • Retrieve local files stored on the system
  • Execute arbitrary JavaScript code within a privileged browser context

The exploit relied on Chrome's declarativeNetRequest API, a legitimate feature that lets an extension declare rules to block, redirect, or rewrite the headers of web requests and is commonly used by ad-blocking extensions. The same capability could be abused to inject malicious JavaScript into the Gemini side panel as it loaded inside Chrome.

Because the Gemini panel operates with elevated privileges to perform AI-driven tasks such as summarization, automation, and translation, compromising it effectively undermined Chrome’s security boundaries.


AI Integration Expands Browser Attack Surface

The incident highlights a growing cybersecurity concern: integrating AI agents directly into web browsers introduces new attack vectors.

AI assistants embedded in browsers require expanded permissions to carry out multi-step tasks. While this enables advanced features, it also creates opportunities for abuse. Malicious web pages or extensions could inject hidden prompts (prompt injection) that manipulate the assistant into performing unintended actions, including accessing sensitive data or executing commands that would normally be blocked.

Researchers warned that placing AI-driven components inside high-privilege browser environments may unintentionally reintroduce classic security risks such as:

  • Cross-site scripting (XSS)
  • Privilege escalation
  • Side-channel attacks

The core issue is the blurred boundary between ordinary web content and deeply integrated browser components. An extension influencing websites is expected behavior; an extension influencing browser-level components is a far more serious matter, because those components run with privileges that web content never receives.


Google’s Response and User Guidance

Google has resolved the vulnerability in the Chrome versions released in January 2026. Users should confirm that Chrome is on 143.0.7499.192 or later (chrome://settings/help shows the installed version and triggers an update check).

Additionally, cybersecurity experts recommend:

  • Installing extensions only from trusted developers
  • Reviewing requested permissions carefully
  • Removing unused or unfamiliar extensions
  • Keeping browsers and operating systems fully updated

As AI-powered features become more deeply embedded into everyday software, security researchers anticipate continued scrutiny of how these capabilities interact with existing browser security models.

Copyright © 2023 Cyber Reports Cyber Security News. All Rights Reserved.