PT-2026-34647 · Google · Bigquery
Published
2026-04-23
·
Updated
2026-04-23
·
CVE-2026-3259
CVSS v4.0
7.1
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/U:Clear |
Name of the Vulnerable Software and Affected Versions
Google BigQuery on Google Cloud Platform versions prior to 29 January 2026
Description
A flaw in the Materialized View Refresh mechanism allows an authenticated user to potentially disclose sensitive data. This occurs when a crafted materialized view triggers a runtime error during the refresh process, resulting in an error message that contains sensitive information.
Recommendations
No customer action is needed as the issue was patched on 29 January 2026.
Fix
Generation of Error Message Containing Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bigquery