Skip to content
The Nexus
SECURITYApr 30 · 07:07 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Google has patched a critical security vulnerability (CVSS 10) in the Gemini CLI npm package and GitHub Actions workflow, which could have enabled unprivileged attackers to execute arbitrary code on host systems by injecting malicious configuration content.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this