CVE ID : CVE-2026-2472
Published : Feb. 20, 2026, 7:29 p.m. | 39 minutes ago
Description : Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK (google-cloud-aiplatform) versions from 1.98.0 up to (but not including) 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim’s Jupyter or Colab environment via injecting script escape sequences into model evaluation results or dataset JSON data.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Published : Feb. 20, 2026, 7:29 p.m. | 39 minutes ago
Description : Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK (google-cloud-aiplatform) versions from 1.98.0 up to (but not including) 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim’s Jupyter or Colab environment via injecting script escape sequences into model evaluation results or dataset JSON data.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…