From Prompt to Exploit: Cyera Research Labs Discloses Command & Prompt Injection Vulnerabilities in Gemini CLI
ID: f5dec933-1061-5f5e-9122-0e26a87eed3a
STIX ID: report--f5dec933-1061-5f5e-9122-0e26a87eed3a
Feed Name: Cyera Research Labs
Cyera Research Labs identified and responsibly disclosed two exploitable vulnerabilities in Google’s Gemini CLI: a command injection in the VS Code extension installation path, and a prompt-injection bypass that permits backtick command substitution. Both allow an attacker to execute arbitrary commands with the same privileges as the CLI process. Google acknowledged the findings and issued fixes via its Vulnerability Rewards Program, and Cyera highlighted the efficiency gains of the LLM-augmented triage workflow it used to discover and validate the issues.
