New bugs in Claude for Chrome allow extensions to abuse AI privileges
Summary
Two security flaws in Anthropic's Claude for Chrome extension allow malicious browser extensions to trick Claude into performing privileged actions like reading Gmail, Google Docs, and Calendar data on a user's behalf. The vulnerabilities have remained unfixed for months despite being reported to Anthropic in May, with the company marking an internal tracking issue as 'resolved' while the problematic code remained unchanged across eight releases. The first flaw involves synthetic clicks (fake user interactions generated by malicious code) bypassing verification checks, while the second involves a URL parameter that improperly grants elevated privileges.
Solution / Mitigation
The source explicitly mentions a fix for the first vulnerability: adding one line of code, 'if (!n.isTrusted) return;' at the top of the click handler to verify clicks are from real users. For the second vulnerability, the source recommends general practices (validating genuine user interactions, avoiding URL-driven privilege transitions, and strengthening internal extension authentication) but does not describe a specific implemented fix or version where these are resolved.
Classification
Affected Vendors
Related Issues
Original source: https://www.csoonline.com/article/4197325/new-bugs-in-claude-for-chrome-allow-extensions-to-abuse-ai-privileges.html
First tracked: July 15, 2026 at 02:01 PM
Classified by LLM (prompt v3) · confidence: 92%