CVE-2026-4764

UNKNOWN 0.0

Privilege Escalation in Dialogflow CX via Playbook Import

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was patched on 15 March 2026, and no customer action is needed.

CWE	CWE-862
Vendor	google cloud
Product	dialogflow cx
Published	Jun 11, 2026
Last Updated	Jun 11, 2026

Stay Ahead of the Next One

Get instant alerts for google cloud dialogflow cx

Be the first to know when new unknown vulnerabilities affecting google cloud dialogflow cx are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Google Cloud / Dialogflow CX

0 < 2026-03-15

References

NVD ↗ CVE.org ↗ EPSS Data ↗

docs.cloud.google.com: https://docs.cloud.google.com/dialogflow/docs/release-notes#May_07_2026

Credits

🔍 Sreeram KL