Vulnerability in Chrome's Gemini Panel Enables Extension Hijacking

Vulnerability in Chrome's Gemini Panel Enables Extension Hijacking

First seen 2 Mar 2026, 13:10 UTC DarkreadingUnit42.PaloaltonetworksZdnetFeeds.FeedburnerSecurityweek+15 83% similarity 29.9

Article Content

Browse articles
ThreatCluster

A vulnerability identified as CVE-2026-0628 in Chrome's Gemini panel allowed attackers to hijack extensions, leading to local file access and privacy violations. Google has issued a patch to address this high-severity flaw, which could have enabled privilege escalation and access to sensitive resources while browsing. Users of the affected Chrome version are advised to update immediately.

ThreatCluster AI

Timeline

2026-01-06
CVE-2026-0628 published
2026-01-08
First public proof of concept released
2026-03-02
Google patched the vulnerability

Community

Browse all →