cvedb.io
CVE-2026-12715
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2026-07-17T16:17:13.047 · Last modified 2026-07-17T16:17:13.047

Summary

Missing Authorization in Google Cloud Firebase Studio versions prior to 2026-04-15 on Google Cloud Platform allows an attacker to download other users' deployed source code and access sensitive data via unauthorized GCS URL signing requests. This vulnerability was patched on 15 April 2026, and no customer action is needed.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.