Improper Input Validation in Apigee by Google Cloud
CVE-2026-12879

5.9MEDIUM

Key Information:

Status
Vendor
CVE Published:
9 July 2026

What is CVE-2026-12879?

An improper input validation issue in the Apigee component of Google Cloud can be exploited by authenticated attackers to gain unauthorized access to cross-tenant data. This vulnerability, affecting Apigee versions prior to June 12, 2026, was effectively patched on the Apigee servers, ensuring users do not need to take additional action to mitigate the risk.

Affected Version(s)

Apigee 0 < 2026-06-12

References

CVSS V4

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Moshe Bernstein with Tenable
.