Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Novee Security discovered a CVSS 10.0 flaw in Google's Gemini CLI allowing arbitrary host command execution before sandbox initialization — patched across all affected versions.
Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems.
“The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,” Novee Security said in a Wednesday report. “This triggered command execution directly on the host system, bypassing security before the agent’s sandbox even initialized.”
Read the full article at The Hacker News→
Originally published in The Hacker News on April 30, 2026 by Ravie Lakshmanan
