CVE-2026-12879
Cross-Tenant Data Exfiltration in Apigee via BigQuery Confused Deputy
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An Improper Input Validation vulnerability in BigQuery DAO in Google Cloud Apigee versions prior to 2026-06-12 on Google Cloud Platform allows an authenticated attacker to exfiltrate cross-tenant data. This vulnerability was patched on 12 June 2026 on the Apigee Servers, and no customer action is needed.
| CWE | CWE-610 CWE-441 |
| Vendor | google cloud |
| Product | apigee |
| Published | Jul 9, 2026 |
| Last Updated | Jul 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for google cloud apigee
Be the first to know when new unknown vulnerabilities affecting google cloud apigee are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Google Cloud / Apigee
0 < 2026-06-12
References
Credits
๐ Moshe Bernstein with Tenable