3 matches found
CVE-2026-3136
CVE-2026-3136 describes an improper authorization vulnerability in GitHub Trigger Comment Control within Google Cloud Build. Affected component: Trigger Comment Control in Google Cloud Build (prior to 2026-01-26). Root cause: improper authorization allows a remote attacker to execute arbitrary co...
CVE-2026-2244
Summary: CVE-2026-2244 affects Google Cloud Vertex AI Workbench. A vulnerability existed from 2025-07-21 to 2026-01-30 that allowed an attacker to exfiltrate valid Google Cloud access tokens of other users by abusing a built-in startup script. The exposure could enable unauthorized access to toke...
PT-2026-22149
Name of the Vulnerable Software and Affected Versions Google Cloud Vertex AI Workbench versions 7/21/2025 through 01/30/2026 Description A flaw exists in Google Cloud Vertex AI Workbench that enables an attacker to obtain legitimate Google Cloud access tokens belonging to other users. This is...