Gemini MCP Tool 0-Day Vulnerability Exposes Systems to Remote Code Execution - gbhackers.com
By Divya
January 28, 2026
A critical zero-day vulnerability has been disclosed in the Gemini MCP Tool, allowing unauthenticated remote attackers to execute arbitrary code on vulnerable installations with no user interaction.
The vulnerability, tracked as CVE-2026-0755 with a CVSS score of 9.8, poses a severe risk to systems using this tool in production environments.
Vulnerability Overview
The flaw resides within the execAsync method implementation of gemini-mcp-tool, where insufficient validation of user-supplied input enables command injection attacks.
Attackers can craft malicious strings that bypass input validation mechanisms, allowing arbitrary system commands to execute in the context of the service account.
This vulnerability is network-accessible and requires no special privileges or complex exploitation techniques, making it trivial to weaponize at scale.
Attribute     Value
CVE ID        CVE-2026-0755
ZDI ID        ZDI-26-021, ZDI-CAN-27783
CVSS Score    9.8 (Critical)
The zero-day was assigned the identifiers ZDI-26-021 and ZDI-CAN-27783 by Trend Micro’s Zero Day Initiative before coordinated public disclosure.
Peter Girnus from Trend Research is credited with discovering and reporting this critical vulnerability.
The vulnerability followed a responsible disclosure process spanning six months. Trend Micro’s Zero Day Initiative initially reported the issue to the vendor on July 25, 2025, through a third-party coordination platform.
After months of limited vendor engagement, ZDI requested updates on November 10, 2025, and subsequently notified the vendor of intentions to publish the advisory as a zero-day on December 14, 2025.
Public disclosure occurred on January 9, 2026, following a coordinated advisory release.
The vulnerability impacts all installations of gemini-mcp-tool. Given the critical nature of the flaw and the absence of available security patches as of disclosure, the primary mitigation strategy is immediate network isolation and restriction of all interaction with the affected product.
Organizations currently deploying gemini-mcp-tool should implement strict access controls, limit exposure to trusted networks only, and consider alternative solutions until vendor remediation is available.
The CVSS v3.0 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H indicates network accessibility with low attack complexity, no privilege requirements, and complete compromise of confidentiality, integrity, and availability.
This maximum severity assessment reflects the vulnerability’s exploitability and potential impact on affected systems.