Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Google patched a CVSS 10.0 remote code execution vulnerability in Gemini CLI, affecting the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow. An unprivileged external attacker could force malicious content to load as Gemini configuration, enabling arbitrary command execution on host systems.

The flaw creates direct risk for developers using Gemini CLI in CI/CD pipelines. Attackers exploit configuration injection to achieve code execution with the privileges of the CI environment. Organizations using the affected npm package or GitHub Actions workflow should update immediately to patched versions.

The vulnerability highlights a common attack vector in developer tooling. Configuration files parsed without proper validation become attack surfaces when untrusted input reaches them. CI/CD pipelines amplify the impact since compromised builds can inject malware or steal credentials at scale.

Defenders should audit their npm dependencies and GitHub Actions workflows for "@google/gemini-cli" usage. Apply available patches without delay. Implement principle of least privilege for CI service accounts to limit blast radius if compromise occurs.

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

Patch Tuesday, April 2026 Edition

Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug

Get Daily CyberWireDaily