Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Google has addressed a maximum-severity security flaw in Gemini CLI (the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow) that could have allowed attackers to execute arbitrary commands on host systems.
"The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,"