Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
ATT&CK techniques detected
T1176Software Extensions
33%
“exposure of session tokens and api keys, unauthorized access to cursor backend services, and data theft via user impersonation. " cursor has maintained that the access is limited to the local machine where the user has already installed and granted permissions to the extension, m…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have allowed attackers to execute arbitrary commands on host systems. "The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,"