PT-2026-56796 · Google · Apigee

Published

2026-07-09

·

Updated

2026-07-09

·

CVE-2026-12879

CVSS v4.0

5.9

Medium

VectorAV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
Name of the Vulnerable Software and Affected Versions Google Cloud Apigee versions prior to 2026-06-12
Description An improper input validation issue exists within the BigQuery DAO of Google Cloud Apigee on Google Cloud Platform. This flaw allows an authenticated attacker to exfiltrate data across different tenants.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-12879

Affected Products

Apigee