Google BigQuery Materialized View Refresh Vulnerability Allowing Sensitive Data Disclosure

Vulnerability

A vulnerability in the Materialized View Refresh mechanism of Google BigQuery on Google Cloud Platform can lead to unauthorized disclosure of sensitive information. This issue arises when an authenticated user creates a materialized view designed to trigger a runtime error during the refresh process, potentially exposing confidential data. The vulnerability has been addressed as of January 29, 2026, and does not require any action from customers.

Impact

The vulnerability could result in the unintended exposure of sensitive data through error messages generated during the materialized view refresh process.

Added: Apr 23, 2026, 10:25 AM

Updated: Apr 23, 2026, 10:25 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

6.5

threat

0.0

urgency

0.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

6.5

threat

0.0

urgency

0.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google BigQuery Materialized View Refresh Vulnerability Allowing Sensitive Data Disclosure

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating