Google Gemini Calendar invite prompt-injection leak path
Technical Analysis
Summary
Hide ▲
Show ▼
A Calendar invite prompt-injection technique can make Google Gemini leak private meeting details, turning a routine scheduling query into a data-exposure path. The issue matters because the malicious instructions are embedded in event content and can be executed when Gemini parses the calendar data.
Related Happenings
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical Analysis
H score16
First: 03.06.2026 22:11
Last: 03.06.2026 22:11
Sources 1
About this happening:
Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical AnalysisAbout this happening: Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...
PromptSpy backdoor for Android with Gemini API automation
Malware Activity
H score22
First: 11.05.2026 16:02
Last: 11.05.2026 16:02
Sources 1
About this happening:
The **PromptSpy** backdoor for **Android** was highlighted for using **Gemini APIs** to automate device interaction, increasing the risk of unauthorized control on infected phones...
PromptSpy backdoor for Android with Gemini API automation
Malware ActivityAbout this happening: The **PromptSpy** backdoor for **Android** was highlighted for using **Gemini APIs** to automate device interaction, increasing the risk of unauthorized control on infected phones...
Google Gemini CLI workspace-trust hardening update
Security Patch Release
H score44
First: 30.04.2026 10:07
Last: 30.04.2026 10:07
Sources 1
About this happening:
Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...
Google Gemini CLI workspace-trust hardening update
Security Patch ReleaseAbout this happening: Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...
Google API keys Gemini single-service privilege escalation privilege-escalation flaw
Vulnerability
H score37
First: 26.02.2026 22:55
Last: 26.02.2026 22:55
Sources 1
About this happening:
**Google API keys** exposed in public code became a **Gemini authentication weakness**, allowing copied keys to reach **private data** and incur **API charges** on victim accounts...
Google API keys Gemini single-service privilege escalation privilege-escalation flaw
VulnerabilityAbout this happening: **Google API keys** exposed in public code became a **Gemini authentication weakness**, allowing copied keys to reach **private data** and incur **API charges** on victim accounts...
Google Gemini leaked API key mitigation
Advisory/Mitigation
H score73
First: 26.02.2026 22:55
Last: 26.02.2026 22:55
Sources 1
About this happening:
**Google** is rolling out **mitigations for leaked API keys** that can reach **Gemini API** data, reducing the risk of unauthorized access and usage charges. New **AI Studio keys*...
Google Gemini leaked API key mitigation
Advisory/MitigationAbout this happening: **Google** is rolling out **mitigations for leaked API keys** that can reach **Gemini API** data, reducing the risk of unauthorized access and usage charges. New **AI Studio keys*...
Timeline
-
20.01.2026 19:50 2 articles · 5mo ago
Miggo discloses Google Gemini Calendar invite prompt injection
Initial DisclosureResearchers at Miggo Security showed that a malicious Google Calendar invite with natural-language prompt-injection instructions could make Google Gemini leak private Calendar data when a victim asked about their schedule; Gemini could create a new event whose description exposed a private meeting summary, bypassing a separate malicious-prompt detector, and Google later added new mitigations.
Show sources
- Gemini AI assistant tricked into leaking Google Calendar data — www.bleepingcomputer.com — 20.01.2026 19:50
- Gemini AI assistant tricked into leaking Google Calendar data — www.bleepingcomputer.com — 20.01.2026 19:50