Homing in on Arbitrary Code Execution within Gemini CLI
Three months ago, I found the time to try out Gemini CLI, an agentic coding chatbot just like Claude Code. Since we already discovered a high-severity arbitrary code execution in Anthropic's Claude Code which I wrote about here before, I couldn't stop myself wondering whether a similar vulnerability exists in Gemini CLI. It does.
Using Claude to Hack Claude Code
How a Sunday evening attempt to summarize a long voice message turned into discovering a high-severity command execution vulnerability in Anthropic's Claude Code.