CVE-2026-2472

HIGH

Google Cloud Vertex AI SDK 1.98.0-1.131.0 - XSS

Title source: llm

Description

Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK (google-cloud-aiplatform) versions from 1.98.0 up to (but not including) 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment via injecting script escape sequences into model evaluation results or dataset JSON data.

Exploits (3)

github WORKING POC 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-2472

View Code ZIP pw:eip

nomisec WORKING POC

by megafart1 · poc

https://github.com/megafart1/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud

View Code ZIP pw:eip

nomisec WORKING POC

by JoshuaProvoste · poc

https://github.com/JoshuaProvoste/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud

View Code ZIP pw:eip

References (2)

[Various Sources] https://docs.cloud.google.com/support/bulletins#gcp-2026-011

[Exploit, Third Party Advisory] https://github.com/JoshuaProvoste/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud

Scores

CVSS v4 8.6

EPSS 0.0007

EPSS Percentile 22.2%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/U:Amber

Details

CWE

CWE-79

Status published

Products (2)

Google Cloud/Vertex AI SDK for Python 1.98.0 - 1.131.0

pypi/google-cloud-aiplatform 1.98.0 - 1.131.0PyPI

Published Feb 20, 2026

Tracked Since Feb 21, 2026