CVE-2026-2031

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published May 15, 2026

Vendor unknown

Description

An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary code using specially crafted HTTP requests to inadvertently exposed internal API endpoints.

References

https://docs.cloud.google.com/gemini/enterprise/docs/release-notes#May_07_2026