Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code

Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code

Posted on By CWS

A important zero‑day vulnerability in Gemini MCP Device exposes customers to distant code execution (RCE) assaults with none authentication.

Tracked as ZDI‑26‑021 / ZDI‑CAN‑27783 and assigned CVE‑2026‑0755, the flaw carries a most CVSS v3.1 rating of 9.8, reflecting its ease of exploitation and extreme affect.

In response to a brand new advisory from Development Micro’s Zero Day Initiative (ZDI), the difficulty impacts the open‑supply gemini-mcp-tool, a utility designed to combine Gemini fashions with Mannequin Context Protocol (MCP) companies.

Vulnerability Overview

Each the seller and product are listed as Gemini MCP Device / gemini-mcp-tool within the advisory. On the core of the vulnerability is the improper dealing with of person‑equipped enter within the execAsync methodology.

This operate passes enter straight right into a system name with out satisfactory validation or sanitization.

A distant attacker can exploit this command injection weak point to execute arbitrary code on the underlying system, working with the privileges of the service account.

FieldInformationCVE IDCVE-2026-07550‑Day Namegemini-mcp-tool execAsync Command Injection RCE VulnerabilityCVSS v3.1 Score9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)Affected Productgemini-mcp-toolImpactRemote, unauthenticated arbitrary code execution

As a result of the assault vector is community‑based mostly and requires no prior authentication or person interplay, web‑uncovered or shared environments are at notably excessive threat.

The vulnerability was initially reported to the seller on July 25, 2025, through a 3rd‑social gathering platform.

ZDI adopted up for updates in November 2025 and, after receiving no enough response, knowledgeable the seller on December 14, 2025 of its intention to publish the case as a zero‑day advisory.

The coordinated public disclosure and advisory replace occurred on January 9, 2026.

On the time of publication, no official patch or replace has been documented. Because of this, mitigation choices are restricted.

ZDI recommends strictly proscribing entry to the Gemini MCP Device by making certain it isn’t straight uncovered to the web and limiting interplay to trusted networks and customers.

Directors also needs to monitor methods working gemini-mcp-tool for suspicious course of execution and strange outbound connections that would point out profitable exploitation.

Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Navigating APTs – Singapore’s Cautious Response to State-Linked Cyber Attacks Navigating APTs – Singapore’s Cautious Response to State-Linked Cyber Attacks Cyber Security News
CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild Cyber Security News
Microsoft Upgrades .NET Bounty Program with Rewards Up to ,000 Microsoft Upgrades .NET Bounty Program with Rewards Up to $40,000 Cyber Security News
Hackers Exploit Screensavers for Remote Access Hackers Exploit Screensavers for Remote Access Cyber Security News
Beware of PNB MetLife Payment Gateway that Steals Your Details and Direct to UPI Payments Beware of PNB MetLife Payment Gateway that Steals Your Details and Direct to UPI Payments Cyber Security News
Red Hat Breach Exposes 5000+ High Profile Enterprise Customers at Risk Red Hat Breach Exposes 5000+ High Profile Enterprise Customers at Risk Cyber Security News