
Google Gemini security flaw could have let anyone access systems or run code


  • Gemini could automatically run certain commands that were previously placed on an allow-list
  • If a benign command was paired with a malicious one, Gemini could execute it without warning
  • Version 0.1.14 addresses the flaw, so users should update now

A security flaw in Google’s new Gemini CLI tool allowed threat actors to target software developers with malware, even exfiltrating sensitive information from their devices, without them ever knowing.

The vulnerability was discovered by cybersecurity researchers from Tracebit just days after Gemini CLI was first launched on June 25, 2025.

Google released a fix in version 0.1.14, which is now available for download.
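
The allow-list weakness summarized above, sketched as an added example (not Gemini CLI's code and not taken from the article): a check that trusts a whole command line by its first word, next to one that refuses anything a shell could read as more than one command. The allow-list, sample commands and function names are constructed for illustration.

```python
import shlex

# Constructed allow-list for illustration; not Gemini CLI's real configuration.
ALLOWED = {"grep", "ls", "cat"}

# Characters that let a shell start another command, substitute output,
# expand variables or redirect I/O. Any of them fails the check, quoted or not,
# so the strict check fails closed and falls back to asking the user.
SHELL_META = set(";|&<>()`$\\\n\r")


def weak_is_allowed(command: str) -> bool:
    """Weak check: trusts the whole line if its first word is allow-listed."""
    words = command.split()
    return bool(words) and words[0] in ALLOWED


def strict_parse(command: str):
    """Return argv for one allow-listed command, or None to require approval."""
    if any(ch in SHELL_META for ch in command):
        return None
    try:
        argv = shlex.split(command)
    except ValueError:  # unbalanced quotes
        return None
    if not argv or argv[0] not in ALLOWED:
        return None
    return argv  # run with subprocess.run(argv, shell=False), never via a shell


def review(commands):
    """Pair each command with the verdict of the weak and the strict check."""
    return [(c, weak_is_allowed(c), strict_parse(c) is not None) for c in commands]


# Constructed sample commands; SECOND_COMMAND stands in for whatever is appended.
SAMPLES = [
    "grep install README.md",
    "grep install README.md; echo SECOND_COMMAND",
    "grep 'setup step' README.md",
    "cat notes.txt && echo SECOND_COMMAND",
    "make build",
]

if __name__ == "__main__":
    for cmd, weak, strict in review(SAMPLES):
        print(f"weak={weak!s:5} strict={strict!s:5} {cmd}")
```

The weak check auto-approves the second and fourth samples because their first word is allow-listed; the strict check sends both back for explicit approval.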

Copyright of this story solely belongs to techradar.com.