Vulnerability DatabaseCVE-2026-2473
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-2473
February 20, 2026
Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting). This vulnerability was patched and no customer action is needed.
Affected Packages
https://github.com/googleapis/python-aiplatform.git (GITHUB):
Affected version(s) >=v1.21.0 <v1.133.0
Fix Suggestion:
Update to version v1.133.0
google-cloud-aiplatform (PYTHON):
Affected version(s) >=1.21.0 <1.133.0
Fix Suggestion:
Update to version 1.133.0
Related Resources (4)
https://github.com/googleapis/python-aiplatform
https://nvd.nist.gov/vuln/detail/CVE-2026-2473
https://github.com/googleapis/python-aiplatform/releases/tag/v1.133.0
https://docs.cloud.google.com/support/bulletins#gcp-2026-012
Do you need more information?
Contact Us
CVSS v4
Base Score:
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
PRESENT
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Weakness Type (CWE)
Generation of Predictable Numbers or Identifiers
CWE-340
EPSS
Base Score:
0.21