Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks
Summary
A critical vulnerability in Gemini CLI, an open source AI agent for terminal access to Google's Gemini, allowed attackers to execute arbitrary code on the host system by planting malicious configuration files in a workspace folder. The flaw was particularly dangerous in CI/CD pipelines (automated systems that build, test, and deploy software) because attackers could steal credentials and perform supply chain attacks (compromising software before it reaches users) by exploiting the trusted access that these pipelines have.
Solution / Mitigation
The vulnerability was patched by Google in both Gemini CLI and the 'run-gemini-cli' GitHub Action.
Classification
Affected Vendors
Related Issues
Original source: https://www.securityweek.com/critical-gemini-cli-flaw-enabled-host-code-execution-supply-chain-attacks/
First tracked: April 30, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 92%