AI/ML, Data Security, Risk Assessments/Management, Application security, Exposure management

AI browser extensions more likely to have known vulnerabilities, report says

(Adobe Stock)

AI browser extensions are more likely affected by known vulnerabilities than non-AI extensions, LayerX’s Enterprise Browser Extension Security Report 2026 revealed.

The report, published April 10, also shows AI extensions are significantly more likely to have access to cookies, scripting capability and tab management, amplifying the risk of vulnerable extensions, LayerX said.

“AI extensions are now one of the fastest-growing extension categories that can access sensitive data, capture user inputs, or transmit information to unknown LLM providers, introducing both data leakage and extension supply chain risks,” the report states, nothing that about one-in-six enterprise users now use at least one AI extension.

The company’s analysis of browser extension usage from more than 1 million enterprise devices showed that about 10.8% of all extensions contained a vulnerability with an assigned CVE, compared with 16.31% for AI extensions, meaning AI extensions are 60% more likely to be affected by a CVE.

Overall, about 99% of users have at least one browser extension installed and 72.11% use at least one extension with a known CVE. Adoption of AI extensions varies by organization size, with large enterprises of more than 2,500 employees having the lowest adoption rate at 9.53%, and mid-size businesses, between 1,000 and 2,500 employees, having the highest rate at 17.7%.

While AI extensions were slightly less likely to request high or critical permission scopes than average (73.06% compared with 75.39%), they were more likely to request certain specific high-risk permissions. For example, Ai extensions were three times more likely to request cookie access, with 18.19% of AI extensions doing so.

“Cookie access can expose session tokens and authentication data, increasing the risk of account takeover or unauthorized access especially given how widespread this exposure is across users,” LayerX said.

Additionally, 41.91% of AI extensions request scripting access, while only 15.4% of all extensions do so – a 2.5-fold difference. This permission could potentially give a malicious or compromised extension the ability to inject code into web pages, which could also allow for sensitive inputs to be captured.

AI extensions were also twice as likely to seek permission to manage tabs, with 39.35% doing so. This could allow for monitoring of browsing activity or redirection to phishing sites. A quarter of AI extensions were also found to have changed permissions over a 12-month period, compared with only 4.33% of all extensions.

LayerX’s report also points out the “weak trust signals” present across the enterprise browser extension ecosystem such as low user counts, a lack of privacy policies and a lack of ongoing maintenance among many extensions used in enterprises. LayerX said that nearly half of AI extensions have less than 10,000 installations, compared with a third of all extensions.

“While a low install count doesn’t automatically make an extension untrustworthy, it can signal that the extension is abandoned, unvetted, or created by an unknown or potentially malicious publisher,” the report states.

However, AI extensions were more likely actively maintained than non-AI extensions, with only 22% being unmaintained, compared with 40% of all extensions. In total, only 28.6% of extensions used in enterprises had privacy policies, raising concerns about data security risks.

LayerX recommends organizations continuously audit and take a full inventory of browser extensions used across all of their devices, users and browsers. Teams should put guardrails in place to restrict the installation of extensions with unnecessary access to high or critical permissions, including cookie access, scripting, tab management and the ability to make network requests.

Additionally, the company advises employing extra caution with AI extensions and use stricter approval processes for these extensions due to their higher risk. Teams should also continuously monitor Installed extensions for potential changes in permissions or ownership, and establish a “minimum trust criteria” to restrict the use of extensions that are unmaintained, have no privacy policy or have very low install counts.

“Browser extensions aren’t static. They change hands, get updated, and sometimes stop being maintained altogether. That makes their trustworthiness a moving target,” the report states. “CISOs should keep a close, ongoing eye on who’s behind each extensions, how often it’s updated, and whether it has clear signals of transparency like a privacy policy or stable ownership.”

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds