9 matches found
PYSEC-2026-344 Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
EUVD-2026-21900
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
CVE-2026-4810
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
CVE-2026-4810 Remote Code Execution in Google Agent Development Kit (ADK)
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
CVE-2026-4810 Remote Code Execution in Google Agent Development Kit (ADK)
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
PT-2026-32287
Name of the Vulnerable Software and Affected Versions Google Agent Development Kit versions 1.7.0 through 1.28.0 Google Agent Development Kit versions 2.0.0a1 through 2.0.0a1 Description Code Injection and Missing Authentication issues in Google Agent Development Kit ADK on Python OSS, Cloud Run,...
context_compaction
Google ADK Context Compaction POC A proof of concept demonstr...
Ubuntu 22.04 LTS / 23.10 : Google Guest Agent and Google OS Config Agent vulnerability (USN-6746-1)
The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6746-1 advisory. It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to...