๐Ÿ” CVE Alert

CVE-2026-12879

UNKNOWN 0.0

Cross-Tenant Data Exfiltration in Apigee via BigQuery Confused Deputy

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

An Improper Input Validation vulnerability in BigQuery DAO in Google Cloud Apigee versions prior to 2026-06-12 on Google Cloud Platform allows an authenticated attacker to exfiltrate cross-tenant data. This vulnerability was patched on 12 June 2026 on the Apigee Servers, and no customer action is needed.

CWE CWE-610 CWE-441
Vendor google cloud
Product apigee
Published Jul 9, 2026
Last Updated Jul 9, 2026
Stay Ahead of the Next One

Get instant alerts for google cloud apigee

Be the first to know when new unknown vulnerabilities affecting google cloud apigee are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Google Cloud / Apigee
0 < 2026-06-12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
cloud.google.com: https://cloud.google.com/apigee/docs/release-notes#July_08_2026

Credits

๐Ÿ” Moshe Bernstein with Tenable