MaXSS and Spyder: Unpatched Critical Flaws in 10M-Install AI Chrome Extensions SiderAI and MaxAI Enable Full Browser Session Takeover Without User Interaction
Summary
Rebora Security disclosed two critical unpatched vulnerabilities—MaXSS in MaxAI and Spyder in SiderAI—affecting AI-powered Chrome extensions with over 10 million combined installations; SiderAI ranks among the top 25 extensions in the Chrome Web Store. Both flaws stem from insecure message passing between web pages and the extensions' background processes, which lets a malicious site silently obtain the extension's elevated permissions and read emails, steal authentication tokens, capture screenshots, manipulate documents, and exfiltrate private AI conversation data, with no user interaction beyond visiting the page. The vendors did not respond to responsible disclosure, and both vulnerabilities remain unpatched.
Originally reported by gbhackers.com
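The bug class described in the summary is a background script that performs privileged work for whichever page happens to message it. The following is an added illustration, not code from MaxAI, SiderAI, or the gbhackers report: a weak dispatcher that keys only on the message type, beside a hardened one that requires an exact-match trusted origin for privileged actions and logs rejected requests. The origin allowlist, action names and audit log are constructed for this example; the `chrome.runtime.onMessageExternal` wiring appears only in a comment so the module runs under plain Node.

```javascript
// Constructed allowlist: only the vendor's own first-party web app may issue
// privileged requests. Compare whole origins, never substrings or prefixes.
const TRUSTED_ORIGINS = new Set(["https://app.vendor.example"]);

// Privileged capabilities a hostile page would want. Each is a pure function
// here so the effect is observable; real handlers would call chrome.tabs,
// chrome.cookies, etc.
const PRIVILEGED_ACTIONS = {
  captureVisibleTab: () => ({ screenshot: "<png bytes>" }),
  readPageText: (payload) => ({ text: `content of tab ${payload.tabId}` }),
};

// Harmless actions any page may use (e.g. "is the extension installed?").
const PUBLIC_ACTIONS = {
  ping: () => ({ pong: true }),
};

// WEAK: dispatches purely on message.type; the sender is never inspected, so
// any page able to reach the listener gets every capability.
function handleMessageWeak(message) {
  const type = message && message.type;
  const fn = PRIVILEGED_ACTIONS[type] || PUBLIC_ACTIONS[type];
  if (!fn) return { ok: false, error: "unknown_action" };
  return { ok: true, result: fn(message.payload || {}) };
}

// Derive the sender's origin from sender.url; anything missing or unparseable
// is treated as untrusted rather than falling through.
function senderOrigin(sender) {
  if (!sender || typeof sender.url !== "string") return null;
  try {
    return new URL(sender.url).origin;
  } catch {
    return null;
  }
}

// HARDENED: public actions stay open, privileged actions require an exact
// trusted origin, and every denial is recorded so defenders can spot probing.
function handleMessageHardened(message, sender, auditLog = []) {
  const type = message && message.type;
  if (PUBLIC_ACTIONS[type]) {
    return { ok: true, result: PUBLIC_ACTIONS[type](message.payload || {}) };
  }
  if (!PRIVILEGED_ACTIONS[type]) return { ok: false, error: "unknown_action" };

  const origin = senderOrigin(sender);
  if (!origin || !TRUSTED_ORIGINS.has(origin)) {
    auditLog.push({ type, origin, decision: "deny" });
    return { ok: false, error: "origin_not_allowed" };
  }
  return { ok: true, result: PRIVILEGED_ACTIONS[type](message.payload || {}) };
}

// Wiring in a real background service worker (comment only, so this file
// runs outside a browser):
// chrome.runtime.onMessageExternal.addListener((msg, sender, sendResponse) => {
//   sendResponse(handleMessageHardened(msg, sender));
// });
// Pair the listener with a narrow "externally_connectable.matches" list in the
// manifest so untrusted origins cannot reach it in the first place.
```

The audit log is the detection hook: a burst of `origin_not_allowed` denials from origins the vendor never registered is the signal that a page is probing the extension's message surface. Keeping the public and privileged action tables separate also makes the privileged surface small enough to review.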