CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
Description
A code injection and missing authentication vulnerability in Google Agent Development Kit (ADK) versions 1.7.0 through 1.28.0 (and the 2.0.0a1 prerelease) on Python (OSS), Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. The vulnerability is patched in versions 1.28.1 and 2.0.0a2. Upgrading the dependency is not sufficient on its own: customers need to redeploy the upgraded ADK to their production environments, and anyone running ADK Web locally also needs to upgrade the local instance.
Analysis
Remote code execution in Google Agent Development Kit (ADK) versions 1.7.0 through 1.28.0 and 2.0.0a1 allows unauthenticated remote attackers to execute arbitrary code on ADK server instances by chaining a code injection flaw with missing authentication. Affected deployments include Python OSS installs, Cloud Run, and GKE environments. …
Remediation
Within 24 hours: inventory all ADK deployments (Python OSS, Cloud Run, GKE), identify instances running versions 1.7.0 through 1.28.0 or 2.0.0a1, and isolate exposed instances from untrusted traffic via network segmentation or firewall rules. Within 7 days: upgrade to the patched releases (1.28.1, or 2.0.0a2 on the 2.0 prerelease line), redeploy every affected service and any local ADK Web instance, and restrict ingress to ADK to trusted sources only. …
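The first remediation step above is an inventory: find every installed ADK and decide whether its version sits inside the affected range, taking care that the prerelease 2.0.0a1 is affected while 2.0.0a2 is not. The following Python script is an added example written for this page; it is not code from vuln.today or from Google's ADK project. It assumes the PyPI distribution is named "google-adk" and uses a constructed sample of `pip list --format=json` output; the version boundaries are the ones stated in the description and analysis above.

```python
"""Version triage for the ADK advisory above.

Added example, not code from the vuln.today page or from Google's ADK project.
Assumptions: the PyPI distribution name is taken to be "google-adk", and the
`pip list --format=json` output below is constructed for the demo.
"""
import json
import re
from typing import Dict, Optional, Tuple

# Affected ranges as stated on the page: 1.7.0 <= v <= 1.28.0, plus the
# single prerelease 2.0.0a1. Fixed in 1.28.1 and 2.0.0a2.
AFFECTED_STABLE_LOW = "1.7.0"
AFFECTED_STABLE_HIGH = "1.28.0"
AFFECTED_PRERELEASE = "2.0.0a1"
FIXED_BY_MAJOR = {1: "1.28.1", 2: "2.0.0a2"}

# Accept "X.Y", "X.Y.Z" and an optional PEP 440 pre-release tag (a/b/rc + N).
_VER_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:(a|b|rc)(\d+))?$")
_PRE_RANK = {"a": 0, "b": 1, "rc": 2}
_FINAL_RANK = 3  # a final release sorts after any pre-release of the same number

VersionKey = Tuple[int, int, int, int, int]


def parse_version(text: str) -> VersionKey:
    """Turn '1.28.0' or '2.0.0a1' into a sortable tuple; reject anything else."""
    m = _VER_RE.match(text.strip())
    if not m:
        raise ValueError(f"unsupported version string: {text!r}")
    major, minor, patch, pre_tag, pre_num = m.groups()
    return (
        int(major),
        int(minor),
        int(patch or 0),
        _PRE_RANK[pre_tag] if pre_tag else _FINAL_RANK,
        int(pre_num) if pre_num else 0,
    )


def is_affected(version: str) -> bool:
    """True if this ADK version falls in the advisory's vulnerable range."""
    v = parse_version(version)
    low, high = parse_version(AFFECTED_STABLE_LOW), parse_version(AFFECTED_STABLE_HIGH)
    in_stable_range = low <= v <= high
    return in_stable_range or v == parse_version(AFFECTED_PRERELEASE)


def fixed_version_for(version: str) -> Optional[str]:
    """Minimum patched release on the same major line, or None if already safe."""
    if not is_affected(version):
        return None
    return FIXED_BY_MAJOR[parse_version(version)[0]]


def _normalize_name(name: str) -> str:
    # PEP 503 normalisation so "Google_ADK" and "google-adk" compare equal.
    return re.sub(r"[-_.]+", "-", name).lower()


def scan_pip_list(pip_list_json: str, package: str = "google-adk") -> Dict[str, object]:
    """Inspect `pip list --format=json` output and report on the ADK package.

    Returns {"installed": bool, "version": str|None, "affected": bool,
             "upgrade_to": str|None}.
    """
    wanted = _normalize_name(package)
    for entry in json.loads(pip_list_json):
        if _normalize_name(entry.get("name", "")) == wanted:
            ver = entry["version"]
            return {
                "installed": True,
                "version": ver,
                "affected": is_affected(ver),
                "upgrade_to": fixed_version_for(ver),
            }
    return {"installed": False, "version": None, "affected": False, "upgrade_to": None}


# Constructed sample of `pip list --format=json` output for the demo.
SAMPLE_PIP_LIST = json.dumps([
    {"name": "google-adk", "version": "1.27.0"},
    {"name": "requests", "version": "2.32.3"},
])

if __name__ == "__main__":
    print(scan_pip_list(SAMPLE_PIP_LIST))
    for probe in ("1.6.9", "1.7.0", "1.28.0", "1.28.1", "2.0.0a1", "2.0.0a2", "2.0.0"):
        print(f"{probe:>8}: {'AFFECTED' if is_affected(probe) else 'ok'}")
```

In practice, feed it the real output of `pip list --format=json` from each Python environment, container image, or Cloud Run revision you enumerate; a positive hit is only half the job, since the description above is explicit that patched code must also be redeployed before the finding is closed.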
References
EUVD-2026-21900
GHSA-rg7c-g689-fr3x