15 matches found
CVE-2026-4764
A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was...
CVE-2026-4764 Privilege Escalation in Dialogflow CX via Playbook Import
A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was...
CVE-2026-4764
The CVE reports a Missing Authorization in Dialogflow CX’s playbook import on Google Cloud Platform. An authenticated user with specific roles can escalate privileges via a malicious playbook import, potentially taking over a GCP project. The issue affects Dialogflow CX playbook import functional...
EUVD-2026-36221
A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was...
CVE-2026-4764 Privilege Escalation in Dialogflow CX via Playbook Import
A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was...
PT-2026-48647
A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was...
Google Cloud Platform Dialogflow CX 安全漏洞
Google Cloud Platform Dialogflow CX is a conversational AI development platform based on natural language understanding and generation technology, provided by Google, Inc. There is a security vulnerability in Google Cloud Platform Dialogflow CX. This vulnerability stems from the lack of...
CVE-2025-13427
An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...
CVE-2025-13427
CVE-2025-13427 concerns an authentication bypass in Google Cloud Dialogflow CX Messenger. The vulnerability allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents’ knowledge and the ability to trigger their intents by manipulating initialization parame...
CVE-2025-13427 Authentication Bypass in Dialogflow CX Messenger
An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...
PT-2025-52356
Name of the Vulnerable Software and Affected Versions Google Cloud Dialogflow CX Messenger versions prior to August 20th, 2025 Description An authentication bypass issue in Google Cloud Dialogflow CX Messenger permitted unauthorized users to interact with restricted chat agents. This allowed acce...
CVE-2025-12952
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...
CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...
CVE-2025-12952
CVE-2025-12952 describes a privilege-escalation in Google Cloud Dialogflow CX. Investigations across multiple sources indicate that agents with Webhook editor permission could misuse Dialogflow service agent access token authentication to escalate from agent-level to project-level, enabling acces...
PT-2025-50307
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...