Pickle in the Middle: Vertex AI SDK Bucket-Squatting Bug Enabled Cross-Tenant RCE
Unit 42's 'Pickle in the Middle' shows how a predictable staging-bucket name in the Vertex AI Python SDK let an attacker hijack model uploads and run code cross-tenant. Patched in google-cloud-aiplatform 1.148.0.