CVE-2026-3259

Vulnerability Description

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error during the refresh process.

This vulnerability was patched on 29 January 2026, and no customer action is needed.

Vulnerability Details

Published Date

April 23, 2026

Last Modified

April 23, 2026

CWE ID

CWE-209

Source

NVD

External References

https://docs.cloud.google.com/bigquery/docs/release-notes/#April_15_2026

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment