{"data":{"id":"188e50b9-1295-438b-a8a2-da4dc36771f0","title":"Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks","summary":"A critical vulnerability in Gemini CLI, an open source AI agent for terminal access to Google's Gemini, allowed attackers to execute arbitrary code on the host system by planting malicious configuration files in a workspace folder. The flaw was particularly dangerous in CI/CD pipelines (automated systems that build, test, and deploy software) because attackers could steal credentials and perform supply chain attacks (compromising software before it reaches users) by exploiting the trusted access that these pipelines have.","solution":"The vulnerability was patched by Google in both Gemini CLI and the 'run-gemini-cli' GitHub Action.","labels":["security"],"sourceUrl":"https://www.securityweek.com/critical-gemini-cli-flaw-enabled-host-code-execution-supply-chain-attacks/","publishedAt":"2026-04-30T12:34:05.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain","model_poisoning"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google","Gemini CLI","Claude Code Security Review","GitHub Copilot Agent"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-30T12:34:05.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}