
Gemini MCP Tool Zero-Day Allows Remote Attackers to Execute Arbitrary Code - cyberpress.org

cyberpress.org Archived Mar 17, 2026 ✓ Full text saved



By Lucas Martin, January 28, 2026
Categories: Cyber Security News, Cybersecurity, Vulnerability

A critical zero-day vulnerability has been disclosed in the Gemini MCP Tool, a utility often used to manage interactions within the Gemini ecosystem. The security flaw allows unauthenticated remote attackers to execute arbitrary code on affected installations. Because the vendor has not yet released a patch, this remains an active zero-day threat.

The vulnerability, tracked as CVE-2026-0755, carries a CVSS score of 9.8, classifying it as critical. The severity stems from the fact that no user interaction or prior authentication is required to trigger the exploit. An attacker needs only network access to the target system to fully compromise it.

Technical Analysis of the Flaw

The root cause of the vulnerability lies in the implementation of the execAsync method in the Gemini MCP Tool. This function is designed to handle asynchronous command execution, but it fails to properly sanitize user-supplied input strings. When the application processes a request involving this method, it passes the input directly to a system call without sufficient validation.

Attackers can inject malicious commands into this input stream. Once processed, the system executes these commands with the same privileges as the service account running the tool. This effectively grants the attacker control over the underlying operating system, enabling them to install malware, exfiltrate data, or disrupt services.

The disclosure timeline reveals a significant delay in the vendor's response. ZDI originally submitted the vulnerability report to the vendor on July 25, 2025. Despite follow-up attempts in November, the vendor provided no effective resolution. Consequently, ZDI notified the vendor in December of its intention to publish the case as a zero-day advisory, which occurred on January 9, 2026.

Currently, there is no official patch available to fix CVE-2026-0755. The primary mitigation strategy is to restrict network access to the Gemini MCP Tool. Administrators should ensure the service is not exposed to the public internet and is accessible only via trusted internal networks or VPNs.

| Feature            | Details                                 |
|--------------------|-----------------------------------------|
| CVE ID             | CVE-2026-0755                           |
| CVSS Score         | 9.8 (Critical)                          |
| Vector             | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H     |
| Affected Vendor    | Gemini MCP Tool                         |
| Affected Product   | gemini-mcp-tool                         |
| Vulnerability Type | Remote Code Execution (RCE)             |
| Root Cause         | Improper validation in execAsync method |

Organizations using the Gemini MCP Tool are urged to isolate the application immediately until a security update is released. Security teams should monitor network traffic for suspicious calls targeting the execAsync function.