{"data":{"id":"5abbdbd1-2570-42c8-b259-17fe62ad7a38","title":"New bugs in Claude for Chrome allow extensions to abuse AI privileges","summary":"Two security flaws in Anthropic's Claude for Chrome extension allow malicious browser extensions to trick Claude into performing privileged actions like reading Gmail, Google Docs, and Calendar data on a user's behalf. The vulnerabilities have remained unfixed for months despite being reported to Anthropic in May, with the company marking an internal tracking issue as 'resolved' while the problematic code remained unchanged across eight releases. The first flaw involves synthetic clicks (fake user interactions generated by malicious code) bypassing verification checks, while the second involves a URL parameter that improperly grants elevated privileges.","solution":"The source explicitly mentions a fix for the first vulnerability: adding one line of code, 'if (!n.isTrusted) return;' at the top of the click handler to verify clicks are from real users. For the second vulnerability, the source recommends general practices (validating genuine user interactions, avoiding URL-driven privilege transitions, and strengthening internal extension authentication) but does not describe a specific implemented fix or version where these are resolved.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4197325/new-bugs-in-claude-for-chrome-allow-extensions-to-abuse-ai-privileges.html","publishedAt":"2026-07-15T12:06:36.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude for Chrome"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-15T12:06:36.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"plugin","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}