Cross-Tenant Remote Code Execution Vulnerability in Google Cloud Vertex AI
CVE-2026-2473

7.7HIGH

Key Information:

Vendor: Google Cloud
Status: Vertex Ai Experiments
Vendor: CVE Published:; 20 February 2026

🔔 Create Google Cloud Vulnerability Alert

What is CVE-2026-2473?

A vulnerability in Google Cloud Vertex AI allows unauthenticated remote attackers to exploit predictable bucket naming in Cloud Storage. This can lead to cross-tenant remote code execution, allowing attackers to steal or poison machine learning models. The issue arises in versions 1.21.0 through 1.132.9, where attackers can pre-create Cloud Storage buckets with predictable names, facilitating unauthorized access to sensitive resources. The vulnerability has been addressed, and users are not required to take any action.

Affected Version(s)

Vertex AI Experiments 1.21.0 < 1.133.0

References

https://docs.cloud.google.com/support/bulletins#gcp-2026-012

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2026
Vulnerability Reserved
Feb 13, 2026

Credit

Omer Amiad

CVE-2026-2473 Data

JSON