Skip to main content

Google CVE-2026-0532

HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2026-01-14 security@elastic.co
8.6
CVSS 3.1 · Vendor: elastic
Share

Severity by source

Vendor (elastic) PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Red Hat
8.6 HIGH
qualitative

Primary rating from Vendor (elastic).

CVSS VectorVendor: elastic

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 14, 2026 - 11:15 nvd
HIGH 8.6

DescriptionCVE.org

External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticated access with privileges sufficient to create or modify connectors (Alerts & Connectors: All). The server processes a configuration without proper validation, allowing for arbitrary network requests and for arbitrary file reads.

AnalysisAI

The Google Gemini connector in AI/ML products allows authenticated users with connector management privileges to read arbitrary files through unvalidated file path and network request parameters in credential configurations. An attacker with sufficient authentication access can craft malicious JSON payloads to trigger server-side requests and disclose sensitive files from the affected system. This vulnerability requires valid credentials and administrative privileges but presents a high risk of confidential data exposure.

Technical ContextAI

Classified as CWE-918 (Server-Side Request Forgery (SSRF)). External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticated access with privileges sufficient to create or modify connectors (Alerts & Connectors: All). The server processes a configuration without proper validation, allowing for arbitrary network requests

Affected ProductsAI

External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file discl

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Vendor StatusVendor

Share

CVE-2026-0532 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy