Malicious Notifications Could Trick Google Gemini Users
Summary
Google Gemini's voice assistant had a prompt injection flaw (a vulnerability where attackers hide malicious instructions in input data) that allowed attackers to embed harmful commands in notifications. This could trick users into performing unwanted actions through social engineering (manipulating people into revealing information or taking harmful actions).
Classification
Affected Vendors
Related Issues
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Original source: https://www.darkreading.com/application-security/malicious-notifications-could-trick-google-gemini-users
First tracked: June 3, 2026 at 08:00 AM
Classified by LLM (prompt v3) · confidence: 92%