
Google Gemini Voice Assistant Vulnerable to Prompt Injection via Malicious Notifications
A prompt injection flaw in Google Gemini’s voice assistant allowed attackers to embed malicious commands within notifications, potentially enabling social engineering attacks. The vulnerability specifically affected Gemini’s notification system, where crafted inputs could manipulate the assistant’s responses. The impact included the risk of tricking users into executing unintended actions via deceptive notifications. The report disclosed no specific exploitation instances or CVE identifiers, provided no exact technical details on the injection method, and mentioned no timeline or dates for discovery or remediation.