Unit42.Paloaltonetworks
Vulnerability in Chrome's Gemini Panel Enables Extension Hijacking
First seen 2 Mar 2026, 13:10 UTC
•



+15
•83% similarity
•29.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A vulnerability identified as CVE-2026-0628 in Chrome's Gemini panel allowed attackers to hijack extensions, leading to local file access and privacy violations. Google has issued a patch to address this high-severity flaw, which could have enabled privilege escalation and access to sensitive resources while browsing. Users of the affected Chrome version are advised to update immediately.
ThreatCluster AI
Timeline
2026-01-06
CVE-2026-0628 published
2026-01-08
First public proof of concept released
2026-03-02
Google patched the vulnerability