
Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE


Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise.

A major security vulnerability recently put Google’s official Gemini-cli repository and its associated GitHub Actions at risk of a total takeover. Researchers at the firm Pillar Security found a way to compromise the repository, a popular project with over 101,000 stars on GitHub. Researchers claim that a threat actor could have used the flaw to launch a full supply chain compromise.

The vulnerability was so severe that it earned a CVSS 10 rating. According to Pillar Security, the issue was not with the AI model itself but with the way the system was built. The team, led by Dan Lisichkin, found that a hacker could gain control of the repository by simply opening a public Issue on GitHub.

How the Trust Issues Exploit Worked

The ...


Copyright of this story solely belongs to hackread.com.