A critical remote code execution vulnerability in the Google Gemini CLI and its associated GitHub Action. Assigned a maximum severity score of CVSS 10.0, the flaw allowed unprivileged external attackers to execute commands directly on host systems. This vulnerability effectively turned automated CI/CD pipelines into potential attack vectors in the supply chain. Unlike typical AI exploits, […] The post Google Gemini CLI Vulnerabilities Allow Attackers to Execute Commands on Host Systems appeared first on Cyber Security News.