Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Google Vertex AI SDK for Python security patch release (1.144.0–1.148.0)

Security Patch Release
First reported
Last updated
Happening score
H score 15
1 unique sources, 1 articles

Summary

Hide ▲

Google released staged fixes for Google Cloud Vertex AI SDK for Python, closing a bucket-squatting path that could hijack model uploads and enable code execution in Google's serving infrastructure. The first safeguard landed in v1.144.0 on March 31, 2026, and the final hardening arrived in v1.148.0 on April 15, 2026. The update changed temporary bucket selection and then added bucket ownership verification in Model.upload(). Users of the SDK should move to 1.148.0 or later to activate the completed fix.

Related Happenings

PhpBB 3.3.17 security update

Security Patch Release
H score34 First: 09.06.2026 17:00 Last: 09.06.2026 17:00 Sources 1

About this happening: **phpBB** released **version 3.3.17** to fix **PTT-2026-004** and **PTT-2026-005**, closing account-takeover flaws affecting forum deployments. The update is the **only complete f...

Open Happening

Google security patch release for CVE-2026-10881

Security Patch Release
H score26 First: 06.06.2026 10:28 Last: 06.06.2026 10:28 Sources 1

About this happening: Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...

Open Happening

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
H score53 First: 30.04.2026 16:54 Last: 30.04.2026 16:54 Sources 1

About this happening: **Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...

Open Happening

Google Gemini CLI workspace-trust hardening update

Security Patch Release
H score28 First: 30.04.2026 10:07 Last: 30.04.2026 10:07 Sources 1

About this happening: Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...

Open Happening

Google Chrome emergency security updates for exploited zero-day

Security Patch Release
H score58 First: 11.12.2025 10:01 Last: 11.12.2025 10:01 Sources 1

About this happening: **Google** released **emergency updates** for **Chrome** after confirming an **exploited zero-day** in the **Stable Desktop** channel, reducing risk for users on **Windows, macOS,...

Open Happening

Timeline

  2. 16.06.2026 22:05 2 articles · 4h ago

    Google adds bucket ownership verification to Model.upload()

    Mitigation Patch Update

    Google completed the Vertex AI SDK for Python fix in v1.148.0, adding bucket ownership verification in Model.upload() to block bucket squatting on model uploads.

    Show sources
    Open in new tab