Back to CVE List

CVE-2026-12715

Vulnerability Description

Missing Authorization in Google Cloud Firebase Studio versions prior to 2026-04-15 on Google Cloud Platform allows an attacker to download other users' deployed source code and access sensitive data via unauthorized GCS URL signing requests.


This vulnerability was patched on 15 April 2026, and no customer action is needed.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-862
Source
NVD
Vendor
Google Cloud
Product
Firebase Studio

External References

Discussion (0)

Add Comment

No comments yet. Be the first!