CVE-2026-12537

HIGH

Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows

Title source: cna
STIX 2.1

Description

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI (versions prior to 0.39.1) and run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously crafted .gemini/.env file.

Scores

CVSS v3 7.8
EPSS 0.0013
EPSS Percentile 3.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-20 CWE-78
Status published
Products (5)
google/gemini-cli 0.40.0 preview2
google/gemini-cli < 0.39.1
google/run-gemini-cli < 0.1.22
Google Cloud/Gemini CLI < 0.39.1
Google Cloud/run-gemini-cli GitHub Action < 0.1.22
Published Jun 24, 2026
Tracked Since Jun 24, 2026