Google Patches Maximum-Severity RCE Vulnerability in Gemini CLI, Warns CI/CD Pipeline Risk
Google has released a patch for a critical remote code execution vulnerability in its Gemini CLI command-line AI tool, carrying the highest possible severity rating and potentially affecting developers who run the tool within automated build and deployment pipelines.
The vulnerability, rated CVSS 10.0, was patched by Google with automatic updates deployed to some users. However, the company is urging anyone running Gemini CLI in headless mode or through systems like GitHub Actions to manually review their workflows. The flaw could allow arbitrary code execution on systems running affected versions during automated tasks, researchers warn.
Security analysts highlight that CI/CD environments carry heightened risk because they often run with elevated privileges and have access to sensitive infrastructure. Developers using Gemini CLI in headless configurations are advised to verify their current version, apply available updates immediately, and audit any workflows that pass untrusted input to the tool. Organizations should treat this as a high-priority patch given the supply chain implications if compromised pipelines were exploited to inject malicious code into software builds at scale.
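The workflow audit recommended above can be started with a simple scanner. The following is an added example, not code from the article or from Google: it reads a GitHub Actions workflow and flags `run:` steps that both invoke `gemini` and interpolate GitHub event payload fields directly into the command line. The list of payload fields, the list of externally raised triggers, and the `-p` headless prompt flag in the constructed sample are assumptions.

```python
"""Heuristic audit for GitHub Actions workflows that invoke Gemini CLI: flags
`run:` steps that splice event payload fields into a gemini command line."""
import re

# Event payload fields an outside contributor controls (assumed list).
UNTRUSTED_EXPR = re.compile(
    r"\$\{\{\s*github\.event\.(?:issue|pull_request|comment|review)\.[\w.]+\s*\}\}")
GEMINI_CMD = re.compile(r"(?:^|[\s;&|(])gemini\b")
# Triggers whose payload is raised by external parties (assumed list).
EXTERNAL_TRIGGERS = ("pull_request_target", "issue_comment", "issues", "pull_request")

def command_blocks(text):
    """Yield (line_no, command) per `run:` directive, joining block-scalar lines."""
    lines, i = text.splitlines(), 0
    while i < len(lines):
        m = re.match(r"^(\s*)(?:-\s+)?run:\s*(.*)$", lines[i])
        if not m:
            i += 1
            continue
        indent, rest, line_no = len(m.group(1)), m.group(2).strip(), i + 1
        body = [] if rest in ("|", ">", "|-", ">-", "|+", ">+") else [rest]
        i += 1
        while i < len(lines) and (not lines[i].strip()
                                  or len(lines[i]) - len(lines[i].lstrip()) > indent):
            body.append(lines[i].strip())  # continuation line of the block scalar
            i += 1
        yield line_no, " ".join(body)

def audit_workflow(text):
    """One finding per run step that both invokes gemini and interpolates
    untrusted event data, with the external triggers the workflow reacts to."""
    triggers = [t for t in EXTERNAL_TRIGGERS if re.search(rf"\b{t}\b", text)]
    findings = []
    for line_no, cmd in command_blocks(text):
        hit = UNTRUSTED_EXPR.search(cmd)
        if hit and GEMINI_CMD.search(cmd):
            findings.append({"line": line_no, "expr": hit.group(0), "triggers": triggers})
    return findings

# Constructed sample: issue body interpolated directly into the prompt
# (`-p` is assumed to be the CLI's headless prompt flag).
RISKY_WORKFLOW = """\
on: [issues]
jobs:
  triage:
    steps:
      - run: |
          gemini -p "Summarise: ${{ github.event.issue.body }}"
"""
```

A step that passes the same field through an `env:` variable is not flagged, because that removes the shell-injection path; the content still reaches the tool, so those steps still need the updated version.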
Google has published remediation guidance through its security channels. The disclosure underscores ongoing concerns about attack surface expansion in AI-assisted development tooling, where command-line utilities increasingly integrate into automated workflows.