CVE-2026-12537: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the container launcher in Google Gemini CLI (versions prior to 0.39.1)
Summary
CVE-2026-12537 is a critical OS command injection in the container launcher of Google Gemini CLI before version 0.39.1 and of the run-gemini-cli GitHub Action before version 0.1.22. Values read from a specially crafted .gemini/.env file are passed into an OS command without neutralizing shell special characters, so an attacker who can place such a file where the CLI will read it (for example, in a repository checked out by a headless CI job) can execute arbitrary code on the host. The injected command runs before the sandbox is started, that is, with the privileges of the process that launches the container rather than inside the container. Headless CI platforms, where the CLI runs unattended on untrusted content, are the primary exposure. The issue carries the maximum CVSS severity score of 10.0.
Solution / Mitigation
Update Google Gemini CLI to version 0.39.1 or later, and update the run-gemini-cli GitHub Action to version 0.1.22 or later.
Vulnerability Details
EPSS: 0.0%
June 24, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-12537
First tracked: June 25, 2026 at 08:22 AM
Classified by LLM (prompt v3) · confidence: 92%