CVE-2026-0755 is an OS command injection vulnerability classified under CWE-78 found in the gemini-mcp-tool, specifically version 1.1.2. The vulnerability resides in the execAsync method, which fails to properly sanitize or validate user-supplied strings before incorporating them into system calls. This improper neutralization allows remote attackers to inject arbitrary OS commands, resulting in remote code execution (RCE) in the context of the service account running the gemini-mcp-tool. Notably, exploitation does not require any authentication or user interaction, significantly lowering the barrier for attackers. The vulnerability was identified and assigned by the Zero Day Initiative (ZDI) as ZDI-CAN-27783 and publicly disclosed on January 23, 2026. The CVSS v3.0 base score of 9.8 reflects the critical nature of this flaw, with network attack vector, no privileges required, and no user interaction needed. Although no known exploits are currently in the wild, the potential for severe impact is high. The gemini-mcp-tool is used for managing and controlling multi-channel processing systems, and compromise could lead to full system takeover, data theft, or disruption of services. The lack of a patch at disclosure time necessitates immediate mitigation efforts to prevent exploitation.

For European organizations, the impact of CVE-2026-0755 can be severe. Successful exploitation allows attackers to execute arbitrary commands remotely without authentication, potentially leading to complete system compromise. This threatens the confidentiality of sensitive data, integrity of system operations, and availability of critical services managed by gemini-mcp-tool. Organizations in sectors such as manufacturing, telecommunications, or utilities that rely on this tool for multi-channel processing control are particularly vulnerable. Disruption or takeover of these systems could result in operational downtime, financial losses, regulatory penalties under GDPR for data breaches, and reputational damage. The ease of exploitation and critical severity score mean attackers could rapidly weaponize this vulnerability, targeting European infrastructure and enterprises. Additionally, the absence of public exploits currently provides a narrow window for proactive defense before widespread attacks emerge.

1. Immediately identify and inventory all instances of gemini-mcp-tool version 1.1.2 within your environment. 2. Restrict network access to the gemini-mcp-tool service using firewall rules or network segmentation to limit exposure to untrusted networks. 3. Implement strict input validation and sanitization on any interfaces interacting with execAsync or similar functions, if source code or configuration changes are possible. 4. Monitor logs and network traffic for unusual or suspicious command execution patterns indicative of exploitation attempts. 5. Employ application-layer firewalls or intrusion detection/prevention systems (IDS/IPS) tuned to detect command injection signatures. 6. Engage with the vendor or community for patches or updates; apply them immediately once available. 7. Consider deploying compensating controls such as running the service with least privilege and using containerization or sandboxing to limit impact. 8. Conduct security awareness and incident response drills focused on this vulnerability to prepare for potential exploitation scenarios.