3 matches found
CVE-2026-3136
CVE-2026-3136 describes an improper authorization vulnerability in GitHub Trigger Comment Control within Google Cloud Build. Affected component: Trigger Comment Control in Google Cloud Build (prior to 2026-01-26). Root cause: improper authorization allows a remote attacker to execute arbitrary co...
CVE-2026-2244
Summary: CVE-2026-2244 affects Google Cloud Vertex AI Workbench. A vulnerability existed from 2025-07-21 to 2026-01-30 that allowed an attacker to exfiltrate valid Google Cloud access tokens of other users by abusing a built-in startup script. The exposure could enable unauthorized access to toke...
PT-2026-22149
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No...