Bug 2441472 (CVE-2026-2472)

Summary:	CVE-2026-2472 google-cloud-aiplatform: google-cloud-aiplatform: Arbitrary code execution via Stored Cross-Site Scripting (XSS)
Product:	[Other] Security Response	Reporter:	OSIDB Bzimport <bzimport>
Component:	vulnerability	Assignee:	Product Security DevOps Team <prodsec-dev>
Status:	NEW ---	QA Contact:
Severity:	high	Docs Contact:
Priority:	high
Version:	unspecified	CC:	jkoehler, lphiri, mhayden, sdoran
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	---
Doc Text:	A flaw was found in google-cloud-aiplatform. This Stored Cross-Site Scripting (XSS) vulnerability allows an unauthenticated remote attacker to execute arbitrary JavaScript code within a victim's Jupyter or Colab environment. This is achieved by injecting malicious script escape sequences into model evaluation results or dataset JSON data. The primary consequence is arbitrary code execution.	Story Points:	---
Clone Of:		Environment:
Last Closed:		Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-02-20 20:04:06 UTC

Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK (google-cloud-aiplatform) versions from 1.98.0 up to (but not including) 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment via injecting script escape sequences into model evaluation results or dataset JSON data.