Google Antigravity critical prompt-injection RCE flaw
Vulnerability
Summary
Hide ▲
Show ▼
Google fixed a critical Antigravity flaw that let a prompt injection bypass Secure Mode and escalate to sandbox escape and remote code execution (RCE). The weakness centered on the `find_by_name` tool's Pattern parameter, where insufficient sanitization let attackers inject command-line flags into fd. Researchers at Pillar Security showed a PoC chain that could stage a malicious script and trigger it through a legitimate search. Google reportedly received the report in January and fixed it in February.
Related Happenings
Google Dialogflow CX Code Blocks shared-runtime isolation security flaw
Vulnerability
H score32
First: 07.07.2026 19:37
Last: 07.07.2026 19:37
Sources 1
About this happening:
**Google Dialogflow CX Code Blocks** had a shared-runtime isolation flaw that could let one editable agent affect other **Code Block-enabled agents** in the same **Google Cloud pr...
Google Dialogflow CX Code Blocks shared-runtime isolation security flaw
VulnerabilityAbout this happening: **Google Dialogflow CX Code Blocks** had a shared-runtime isolation flaw that could let one editable agent affect other **Code Block-enabled agents** in the same **Google Cloud pr...
Open-source admin tool zero-day 2FA bypass exploitation wave
Exploitation Wave
H score6
First: 11.05.2026 18:45
Last: 11.05.2026 18:45
Sources 1
About this happening:
Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...
Open-source admin tool zero-day 2FA bypass exploitation wave
Exploitation WaveAbout this happening: Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...
Popular open-source web-based system administration tool zero-day 2FA-bypass security flaw
Vulnerability
H score5
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
An **AI-assisted zero-day** in a **popular open-source web-based system administration tool** created a **2FA-bypass** risk before the flaw was closed by the vendor. **GTIG** said...
Popular open-source web-based system administration tool zero-day 2FA-bypass security flaw
VulnerabilityAbout this happening: An **AI-assisted zero-day** in a **popular open-source web-based system administration tool** created a **2FA-bypass** risk before the flaw was closed by the vendor. **GTIG** said...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical Analysis
H score33
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
**Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical AnalysisAbout this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
Google Looker Studio cross-tenant SQL injection flaws SQL injection flaw
Vulnerability
H score3
First: 10.03.2026 15:20
Last: 10.03.2026 15:20
Sources 1
About this happening:
Researchers disclosed **nine cross-tenant vulnerabilities** in **Google Looker Studio** that could let attackers run **arbitrary SQL queries** on victims' databases and exfiltrate...
Google Looker Studio cross-tenant SQL injection flaws SQL injection flaw
VulnerabilityAbout this happening: Researchers disclosed **nine cross-tenant vulnerabilities** in **Google Looker Studio** that could let attackers run **arbitrary SQL queries** on victims' databases and exfiltrate...
Timeline
-
21.04.2026 13:52 2 articles · 2mo ago
Google Antigravity critical prompt-injection RCE flaw
Initial DisclosureResearchers found that a prompt-injection path in **Google Antigravity** could turn a file-search helper into code execution before security checks ran. Google received the report in **January** and patched the flaw in **February**.
Show sources
- Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool — www.darkreading.com — 21.04.2026 13:52
- Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool — www.darkreading.com — 21.04.2026 13:52