Severity: CRITICAL - CVSS Score: 10.0 (Maximum)

The Threat

Google has patched a maximum severity (CVSS 10.0) remote code execution (RCE) vulnerability in the Gemini CLI tool, specifically affecting the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow. The flaw allowed an unprivileged attacker to execute arbitrary commands on the host system - meaning any machine running the affected package in a CI/CD pipeline or on a developer workstation was fully exposed.

This is not a theoretical risk. A CVSS score of 10.0 is the highest possible rating, reserved for vulnerabilities that are remotely exploitable, require no authentication, and result in complete system compromise. The flaw lives inside a tool that developers and engineering teams use daily to integrate Google's Gemini AI models into software build pipelines and automation workflows.

Alongside the Gemini CLI flaw, similar code execution vulnerabilities were identified in Cursor, an AI-powered code editor gaining rapid adoption among developers across the region.

Impact Assessment for East African Organizations

Across Kenya, Ethiopia, Somalia, and the wider Horn of Africa, adoption of AI-assisted development tools has accelerated sharply inside fintech companies, government software teams, and telecom providers. Any organization whose developers use Gemini CLI or Cursor in their build pipelines - or whose GitHub Actions workflows reference the affected action - is directly exposed.

The practical consequences are severe:

  • Banking and fintech platforms - A compromised CI/CD pipeline can inject malicious code directly into production banking applications, creating backdoors into mobile money systems, core banking APIs, and customer-facing apps. This is particularly critical for institutions operating under CBK's Prudential Guidelines and Kenya's Data Protection Act 2019, where a breach triggers mandatory disclosure obligations.
  • Government technology teams - Public sector digital projects in Kenya (eCitizen, Huduma), Ethiopia (digital ID rollout), and Somalia (GovTech modernization programs) increasingly rely on automated build pipelines. A poisoned pipeline means compromised citizen-facing infrastructure.
  • Telecom and critical infrastructure - Operators running automated deployment workflows for network management tools face the risk of full system takeover on build servers, potentially extending laterally into operational systems.

Supply chain attacks through developer tooling are among the hardest breach vectors to detect - by the time malicious code is flagged, it may already be running in production environments.

Immediate Actions - Do These Now

  • Audit all npm dependencies immediately. Search your codebase and package.json files for "@google/gemini-cli". Confirm you are running the latest patched version. Run npm audit across all active projects and CI environments.
  • Review all GitHub Actions workflows. Search your repositories for references to "google-github-actions/run-gemini-cli". Pin all third-party Actions to a specific, reviewed commit SHA rather than a floating tag or version alias.
  • Isolate and inspect CI/CD build environments. Treat any system that ran the affected package versions as potentially compromised. Review build logs for anomalous command execution, outbound connections, or unexpected file writes.
  • Enforce least privilege on build runners. Build agents and GitHub Actions runners should not have write access to production systems, secret stores, or sensitive credentials. If yours do, revoke and re-scope those permissions today.
  • Rotate secrets exposed to build pipelines. Any API keys, database credentials, cloud access tokens, or signing certificates accessible from affected CI environments should be rotated immediately as a precaution.
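
The dependency and workflow audit from the first two actions above, as an added Python example (not code from Google or from this advisory; the function names are the example's own). It reports where "@google/gemini-cli" is declared and which workflow uses: references are the affected action or are not pinned to a 40-character commit SHA. The advisory gives no patched version number, so the script reports the declared version for manual checking.

```python
import json, re, sys
from pathlib import Path

NPM_PKG = "@google/gemini-cli"                    # package named in the advisory
ACTION = "google-github-actions/run-gemini-cli"   # action named in the advisory
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
SHA_RE = re.compile(r"[0-9a-f]{40}", re.I)        # full commit SHA, not a tag or branch
DEP_SECTIONS = ("dependencies", "devDependencies", "optionalDependencies", "peerDependencies")

def scan_package_json(text):
    """Return [(section, version_spec)] for each declaration of NPM_PKG."""
    data = json.loads(text)
    return [(s, data[s][NPM_PKG]) for s in DEP_SECTIONS
            if isinstance(data.get(s), dict) and NPM_PKG in data[s]]

def scan_workflow(text):
    """Return [(line_no, ref, affected, pinned)] for refs that are affected or not SHA-pinned."""
    out = []
    for no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m or m.group(1).startswith(("./", "docker://")):
            continue  # not a step reference, or a local action / container image
        ref = m.group(1)
        name, _, version = ref.partition("@")
        affected = name.lower() == ACTION or name.lower().startswith(ACTION + "/")
        pinned = SHA_RE.fullmatch(version) is not None
        if affected or not pinned:
            out.append((no, ref, affected, pinned))
    return out

def scan_repo(root):
    """Walk a checkout and return human-readable findings."""
    root, findings = Path(root), []
    for p in root.rglob("package.json"):
        if "node_modules" in p.parts:
            continue  # installed copies are covered by npm audit, not this scan
        for section, spec in scan_package_json(p.read_text(encoding="utf-8")):
            findings.append(f"{p}: {NPM_PKG} {spec} in {section}; confirm it resolves to the patched release")
    wf_dir = root / ".github" / "workflows"
    for p in sorted(wf_dir.glob("*.y*ml")) if wf_dir.is_dir() else []:
        for no, ref, affected, pinned in scan_workflow(p.read_text(encoding="utf-8")):
            why = "affected action" if affected else "action"
            findings.append(f"{p}:{no}: {ref} ({why}, {'SHA-pinned' if pinned else 'NOT pinned to a commit SHA'})")
    return findings

if __name__ == "__main__":
    print("\n".join(scan_repo(sys.argv[1] if len(sys.argv) > 1 else ".")) or "no findings")
```

Run it with the path of a repository checkout as its only argument; a SHA-pinned reference to the affected action is still reported so the pinned commit can be checked against the patched release.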

DRONGO Recommendation

CI/CD pipeline security is a blind spot for most engineering teams in East Africa. DRONGO's DevSecOps assessment reviews your entire software delivery chain - from npm dependencies and GitHub Actions to build server hardening and secret management - and maps findings directly to ISO 27001 and CBK IT Risk Management controls. We help you ship fast without shipping risk.
