CVE-2026-2244

Sažetak

A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No user action is required for this.

Reference

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

27-02-2026 - 14:06

Objavljeno

26-02-2026 - 15:17