CVE-2026-2244

A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No user action is required for this.

CVSS

No CVSS.

References

Link	Resource
https://docs.cloud.google.com/vertex-ai/docs/workbench/release-notes#February_20_2026

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad en Google Cloud Vertex AI Workbench desde el 21/7/2025 hasta el 30/1/2026 permite a un atacante exfiltrar tokens de acceso válidos de Google Cloud de otros usuarios mediante el abuso de un script de inicio incorporado. Todas las instancias posteriores al 30 de enero de 2026 han sido parcheadas para protegerse de esta vulnerabilidad. No se requiere ninguna acción del usuario para esto.

26 Feb 2026, 15:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-26 15:17

Updated : 2026-06-17 10:30

NVD link : CVE-2026-2244

Mitre link : CVE-2026-2244

CVE.ORG link : CVE-2026-2244

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2026-2244", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-2244", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-26T14:59:28.758768Z"}}], "cvssMetricV40": [{"type": "Secondary", "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "CLEAR", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "affectedData": [{"vendor": "Google Cloud", "product": "Vertex AI Workbench", "versions": [{"status": "affected", "version": "7/21/2025", "lessThan": "01/30/2026", "versionType": "date"}], "defaultStatus": "unaffected"}]}], "published": "2026-02-26T15:17:45.250", "references": [{"url": "https://docs.cloud.google.com/vertex-ai/docs/workbench/release-notes#February_20_2026", "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Google Cloud Vertex AI Workbench from\u00a07/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script.\n\nAll instances after January 30th, 2026 have been patched to protect from this vulnerability.\u00a0No user action is required for this."}, {"lang": "es", "value": "Una vulnerabilidad en Google Cloud Vertex AI Workbench desde el 21/7/2025 hasta el 30/1/2026 permite a un atacante exfiltrar tokens de acceso v\u00e1lidos de Google Cloud de otros usuarios mediante el abuso de un script de inicio incorporado.\n\nTodas las instancias posteriores al 30 de enero de 2026 han sido parcheadas para protegerse de esta vulnerabilidad. No se requiere ninguna acci\u00f3n del usuario para esto."}], "lastModified": "2026-06-17T10:30:37.200", "sourceIdentifier": "f45cbf4e-4146-4068-b7e1-655ffc2c548c"}