CVSS score: 7.7

Google Cloud Vertex AI Predictable Bucket Naming Exposes Data to Unauthenticated Attackers

CVE-2026-2473 GHSA-wh2j-26j7-9728
Summary

A bug in Google Cloud Vertex AI allowed an attacker to access and manipulate data from other users' accounts without permission. This was fixed by Google, and no action is needed from users. However, it's a good reminder to keep software up to date to prevent similar issues in the future.

What to do
  • Update google-cloud-aiplatform to version 1.133.0.
Affected software
| Vendor | Product | Affected versions | Fix available |
| --- | --- | --- | --- |
| | google-cloud-aiplatform | > 1.21.0, <= 1.133.0 | 1.133.0 |
Original title
Google Cloud Vertex AI has a vulnerability involving predictable bucket naming
Original description
Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting).

This vulnerability was patched and no customer action is needed.
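
To find projects that still pin an affected SDK release, the following added example (not part of the advisory or of Google's code) scans requirements-style text for `google-cloud-aiplatform` pins inside the range given in the description above, 1.21.0 up to but not including 1.133.0. The function names and the sample input are constructed for illustration.

```python
import re

# Affected range from the advisory description: 1.21.0 <= version < 1.133.0
PACKAGE = "google-cloud-aiplatform"
FIRST_AFFECTED = (1, 21, 0)
FIRST_FIXED = (1, 133, 0)
# name, optional [extras], then an exact numeric "==" pin (no wildcard or suffix)
_PIN = re.compile(
    r"^[A-Za-z0-9._-]+\s*(?:\[[^\]]*\])?\s*==\s*([0-9]+(?:\.[0-9]+)*)(?![\w.*])")

def _normalize(name):
    # PEP 503: runs of "-", "_" and "." are equivalent, case-insensitive
    return re.sub(r"[-_.]+", "-", name).lower()

def _release(version):
    # "1.133" -> (1, 133, 0), so short pins compare correctly
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(version):
    return FIRST_AFFECTED <= _release(version) < FIRST_FIXED

def scan_requirements(text):
    """Return (line_number, version, status) for each line naming the package."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        name = re.split(r"[\s\[<>=!~;]", line, maxsplit=1)[0]
        if _normalize(name) != PACKAGE:
            continue
        pin = _PIN.match(line)
        if pin is None:
            # A range, wildcard or bare name: the resolved version is unknown here
            findings.append((number, None, "unpinned"))
        else:
            status = "affected" if is_affected(pin.group(1)) else "ok"
            findings.append((number, pin.group(1), status))
    return findings

# Constructed sample input, not taken from any real project
SAMPLE = """\
requests==2.31.0
google-cloud-aiplatform==1.120.0   # old pin
Google_Cloud_AIPlatform[prediction]==1.133.0
google-cloud-aiplatform>=1.20
google-cloud-aiplatform==1.20.0
"""
```

Entries reported as `unpinned` need the resolved version checked in the lock file or the installed environment, since a range such as `>=1.20` can still resolve to an affected release.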
nvd CVSS4.0 7.7
Vulnerability type
CWE-340
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026