NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-2264

Summary	A vulnerability in the Google Cloud Apigee SetIntegrationRequest policy allowed remote attackers to perform Server-Side Request Forgery (SSRF) and exfiltrate service account access tokens. For successful exploitation, an administrator must initially establish an insecure configuration of the API proxy.
Publication Date	May 27, 2026, 2:16 a.m.
Registration Date	May 27, 2026, 4:08 a.m.
Last Update	May 27, 2026, 2:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://docs.cloud.google.com/apigee/docs/security-bulletins/security-bulletins#gcp-2026-034	f45cbf4e-4146-4068-b7e1-655ffc2c548c

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-918	サーバサイドリクエストフォージェリ	https://cwe.mitre.org/data/definitions/918.html