Google Cloud Vertex AI Workbench Access Token Exfiltration Vulnerability

Vulnerability

A vulnerability in Google Cloud Vertex AI Workbench exists in versions released between July 21, 2025, and January 30, 2026. This vulnerability allows an attacker to exfiltrate valid Google Cloud access tokens from other users by abusing a built-in startup script. Instances created after January 30, 2026, have been patched to address this issue. No user action is required to apply the patch.

Impact

Exploitation of this vulnerability allows for the unauthorized exfiltration of Google Cloud access tokens, which could be used to impersonate other users or access their resources.

Added: Feb 26, 2026, 3:40 PM

Updated: Feb 26, 2026, 3:40 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

3.2

threat

0.0

urgency

0.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

3.2

threat

0.0

urgency

0.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google Cloud Vertex AI Workbench Access Token Exfiltration Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating