Breaking
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Hackers Hide Credit Card Stealer in Pixel-Sized SVG Images Targeting Magento Stores Microsoft Suspends Developer Accounts for High-Profile Open Source Projects European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack Ransomware Attacks Surge in 2026: Healthcare and Finance Most Targeted Google Chrome Zero-Day Vulnerability Actively Exploited – Update Immediately Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Hackers Hide Credit Card Stealer in Pixel-Sized SVG Images Targeting Magento Stores Microsoft Suspends Developer Accounts for High-Profile Open Source Projects European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack Ransomware Attacks Surge in 2026: Healthcare and Finance Most Targeted Google Chrome Zero-Day Vulnerability Actively Exploited – Update Immediately
Latest Threat Intel Zero-Days Data Breaches Analysis
Live threat feed May 19, 2026 | 12:01 UTC
4110 CVEs This Month
6 Actively Exploited
2 Ransomware Activity
18 Breaches YTD
Threat Investigation Portal
Investigate an IOC in the live graph workspace.
Investigate IOC
Vulnerabilities

Google Patches Critical CVSS 10 Gemini CLI Vulnerability Allowing Remote Code Execution

Thirumala Rao Padilam Thirumala Rao Padilam April 30, 2026
Google Patches Critical CVSS 10 Gemini CLI Vulnerability Allowing Remote Code Execution

Google has addressed a critical security flaw in its Gemini CLI npm package and the associated GitHub Actions workflow that could have allowed attackers to execute arbitrary code on affected host systems. The flaw involved improper loading of attacker-controlled content as Gemini configuration, posing a high risk in continuous integration environments.

What happened

Google identified and fixed a maximum severity vulnerability in the Gemini CLI tooling, which includes the '@google/gemini-cli' npm package and the 'google-github-actions/run-gemini-cli' GitHub Actions workflow. This vulnerability allowed an unprivileged, external attacker to force the loading of malicious content as Gemini configuration files. Due to this weakness, attackers could execute arbitrary commands on the host machines running the affected software.

The flaw affects both local use of the Gemini CLI package and automated workflows that utilize the official GitHub Actions integration, potentially exposing continuous integration systems to command injection risks. Google’s patch aims to prevent the unauthorized loading of malicious configuration data.

Why it matters

This vulnerability is rated as maximum severity with a CVSS score of 10, indicating a critical risk in affected development and CI/CD environments. Arbitrary code execution vulnerabilities in CI systems are particularly concerning as they can lead to broader compromise across development pipelines, potentially impacting source code integrity and deployment processes.

Since Gemini CLI is integrated into automation workflows via GitHub Actions, the flaw could have had implications beyond local systems, affecting cloud environments that leverage these workflows. Addressing this issue is essential to maintain the security of software development pipelines that depend on these widely used tools.

What security teams should do

Security teams should promptly update to the fixed versions of the '@google/gemini-cli' npm package and the 'google-github-actions/run-gemini-cli' workflow to mitigate the risk of exploitation. Reviewing usage of Gemini CLI within automation pipelines and verifying no unauthorized configurations have been loaded or executed is recommended.

Additionally, monitoring logs for unusual activity related to Gemini CLI operations and reviewing access controls around CI environments can help detect potential exploitation attempts related to this vulnerability.

Key technical details

The root cause of the vulnerability was the ability for attackers to supply and force the CLI tool to load malicious configuration files, thereby escalating privileges to execute arbitrary commands on a host system. The vulnerability impacted both the standalone Gemini CLI npm package and the GitHub Actions workflow implementation.

This flaw specifically allowed unprivileged external actors to inject their own content during the configuration loading phase, which would then be interpreted and executed by the CLI. The fix involves validating and restricting configuration loading mechanisms to prevent unauthorized code execution.

Affected organizations/products

The vulnerability affected the '@google/gemini-cli' npm package and the 'google-github-actions/run-gemini-cli' GitHub Actions workflow. Both local usage in development environments and automated CI workflows leveraging these tools are potentially impacted.

Source attribution

https://thehackernews.com/2026/04/google-fixes-cvss-10-gemini-cli-ci-rce.html

Thirumala Rao Padilam
Written by
Thirumala Rao Padilam
error: Content is protected !!