Skip to main content

Google CVE-2026-2274

Server-Side Request Forgery (SSRF) (CWE-918)
2026-02-19 f45cbf4e-4146-4068-b7e1-655ffc2c548c

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:03 vuln.today
CVE Published
Feb 19, 2026 - 16:27 nvd
N/A

DescriptionCVE.org

A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-23 allows an authenticated remote attacker to read sensitive local files and access internal network resources via crafted requests to the production cluster.

This vulnerability was patched and no customer action is needed.

AnalysisAI

A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet versions up to 2025-11 is affected by server-side request forgery (ssrf).

Technical ContextAI

This vulnerability (CWE-918: Server-Side Request Forgery (SSRF)) affects A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet. A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-23 allows an authenticated remote attacker to read sensitive local files and access internal network resources via crafted requests to the production cluster.

This vulnerability was patched and no customer action is needed.

Affected ProductsAI

Product: A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet. Versions: up to 2025-11.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2026-2274 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy