The Agentspace service was affected by a vulnerability that exposed sensitive information due to the use of predictable Google Cloud Storage bucket names. These names were utilized for error logs and temporary staging during data imports from GCS and Cloud SQL. This predictability allowed an attacker to engage in "bucket squatting" by establishing these buckets before a victim's initial use.
All versions after December 12th, 2025 have been updated to protect from this vulnerability. No user action is required for this.
Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-1727",
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"dateUpdated": "2026-02-06T21:44:42.763Z",
"dateReserved": "2026-01-31T01:40:19.018Z",
"datePublished": "2026-02-06T21:44:42.763Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud",
"dateUpdated": "2026-02-06T21:44:42.763Z"
},
"title": "Information Disclosure via Bucket Squatting in Google Cloud Agentspace.",
"descriptions": [
{
"lang": "en",
"value": "The Agentspace service was affected by a vulnerability that exposed sensitive information due to the use of predictable Google Cloud Storage bucket names. These names were utilized for error logs and temporary staging during data imports from GCS and Cloud SQL. This predictability allowed an attacker to engage in \"bucket squatting\" by establishing these buckets before a victim's initial use.\n\nAll versions after December 12th, 2025 have been updated to protect from this vulnerability. No user action is required for this.",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "<p><span style=\"background-color: rgb(255, 255, 255);\">The Agentspace service was affected by a vulnerability that exposed sensitive information due to the use of predictable Google Cloud Storage bucket names. These names were utilized for error logs and temporary staging during data imports from GCS and Cloud SQL. This predictability allowed an attacker to engage in \"bucket squatting\" by establishing these buckets before a victim's initial use.</span></p><p><span style=\"background-color: rgb(255, 255, 255);\">All versions after December 12th, 2025 have been updated to protect from this vulnerability. No user action is required for this.</span></p>"
}
]
}
],
"affected": [
{
"vendor": "Google Cloud",
"product": "Gemini Enterprise (formerly Agentspace)",
"defaultStatus": "unaffected",
"versions": [
{
"version": "0",
"status": "affected",
"versionType": "date",
"lessThan": "12/12/2025"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://docs.cloud.google.com/gemini/enterprise/docs/release-notes#February_06_2026"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Omer Amiad",
"type": "reporter"
}
]
}
}
}