8 matches found
CVE-2026-0755
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755 gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0755
CVE-2026-0755 affects the gemini-mcp-tool, specifically the execAsync method. The flaw is an OS command injection (CWE-78) caused by insufficient validation of user-supplied input before it is used in a system call, enabling unauthenticated remote code execution. Attackers could run arbitrary cod...
CVE-2026-0755 gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability
gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
PT-2026-1985
Name of the Vulnerable Software and Affected Versions gemini-mcp-tool affected versions not specified Description The gemini-mcp-tool software contains a critical flaw in the execAsync method that allows for unauthenticated remote code execution RCE. This issue stems from a lack of proper input...
(0Day) gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the execAsync method. The issue results from the lack of proper...