{"id":218956,"date":"2025-07-29T08:27:54","date_gmt":"2025-07-29T13:27:54","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/07\/flaw-in-gemini-cli-ai-coding-assistant-allowed-stealthy-code-execution"},"modified":"2025-07-29T08:27:54","modified_gmt":"2025-07-29T13:27:54","slug":"flaw-in-gemini-cli-ai-coding-assistant-allowed-stealthy-code-execution","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/07\/flaw-in-gemini-cli-ai-coding-assistant-allowed-stealthy-code-execution","title":{"rendered":"Flaw in Gemini CLI AI coding assistant allowed stealthy code execution"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/flaw-in-gemini-cli-ai-coding-assistant-allowed-stealthy-code-execution.jpg\"><\/a><\/p>\n<p>A vulnerability in Google\u2019s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers\u2019 computers using allowlisted programs.<\/p>\n<p>The flaw was discovered and reported to Google by the security firm Tracebit on June 27, with the tech giant releasing a fix in version 0.1.14, which became available on July 25.<\/p>\n<p><a href=\"https:\/\/github.com\/google-gemini\/gemini-cli\" target=\"_blank\" rel=\"nofollow noopener\">Gemini CLI<\/a>, first released on <a href=\"https:\/\/blog.google\/technology\/developers\/introducing-gemini-cli-open-source-ai-agent\/\" target=\"_blank\" rel=\"nofollow noopener\">June 25, 2025<\/a>, is a command-line interface tool developed by Google that enables developers to interact directly with Google\u2019s Gemini AI from the terminal.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A vulnerability in Google\u2019s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers\u2019 computers using allowlisted programs. The flaw was discovered and reported to Google by the security firm Tracebit on June 27, with the tech giant releasing a fix in version 0.1.14, which became available on July 25. Gemini [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,1492],"tags":[],"class_list":["post-218956","post","type-post","status-publish","format-standard","hentry","category-robotics-ai","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/218956","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=218956"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/218956\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=218956"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=218956"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=218956"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}