CVE-2026-7428

UNKNOWN 0.0

Insecure default administrative credentials in AlloyDB for PostgreSQL

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it.

CWE	CWE-1392
Vendor	google cloud
Product	alloydb for postgresql
Published	May 12, 2026
Last Updated	May 12, 2026

Stay Ahead of the Next One

Get instant alerts for google cloud alloydb for postgresql

Be the first to know when new unknown vulnerabilities affecting google cloud alloydb for postgresql are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Google Cloud / AlloyDB for PostgreSQL

0 < 2025-11-03

References

NVD ↗ CVE.org ↗ EPSS Data ↗

docs.cloud.google.com: https://docs.cloud.google.com/alloydb/docs/release-notes#April_28_2026

Credits

🔍 Mark Lawrenson