CVE-2026-2031

Vulnerability Description

An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary code using specially crafted HTTP requests to inadvertently exposed internal API endpoints.

Related Weaknesses (CWE)

CWE-862

References

https://docs.cloud.google.com/gemini/enterprise/docs/release-notes#May_07_2026

FAQ

What is CVE-2026-2031?

CVE-2026-2031 is a documented vulnerability. An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive ...

How severe is CVE-2026-2031?

CVSS scoring is not yet available for CVE-2026-2031. Check NVD for updates.

Is there a patch for CVE-2026-2031?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.