Improper input validation in Google Cloud Gemini Cli
CVE-2026-12537
Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI (versions prior to 0.39.1) and run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms allows an unprivileged attacker to…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
Affected products
- Google Cloud Gemini Cli — versions 0
- Google Cloud Run-gemini-cli Github Action — versions 0