CVE-2026-2244

UNKNOWN 0.0

Sensitive Data Exposure in Google Cloud Vertex AI Workbench

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No user action is required for this.

CWE	CWE-200
Vendor	google cloud
Product	vertex ai workbench
Published	Feb 26, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for google cloud vertex ai workbench

Be the first to know when new unknown vulnerabilities affecting google cloud vertex ai workbench are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Google Cloud / Vertex AI Workbench

7/21/2025 < 01/30/2026

References

NVD ↗ CVE.org ↗ EPSS Data ↗

docs.cloud.google.com: https://docs.cloud.google.com/vertex-ai/docs/workbench/release-notes#February_20_2026

Credits

🔍 Moshe Bernstein with Tenable