Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE
By
Ori Hadad
18d ago
Source
unit42.paloaltonetworks.comPickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCEpaloaltonetworks.comUnit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more. The post Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE appeared first on Unit 42 .
You might also wanna read
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
thehackernews.com·4d ago
OpenCode AI Coding Agent Hit with Critical Remote Code Execution Vulnerability
OpenCode, a popular open-source AI coding agent, was recently hit with a critical CVE (Common Vulnerabilities and Exposures) that allowed fo
Critical RCE Vulnerability in OpenClaw AI Assistant (CVE-2026-25253) Allows Data and Key Theft
A technical security analysis reveals a critical remote code execution (RCE) vulnerability (CVE-2026-25253) in OpenClaw, a popular open-sour

Critical RCE Vulnerability (CVE-2026-20251) Found in Splunk Products via Unsafe Deserialization
A critical security vulnerability (CVE-2026-20251) has been disclosed affecting multiple versions of Splunk Enterprise, Splunk Cloud Platfor
Three Remote Code Execution Vulnerabilities Discovered in ILIAS Learning Management System
The article details three previously unknown vulnerabilities that enable remote code execution (RCE) in versions 8, 9, and 10 of the ILIAS l
Critical Gogs RCE bug (CVSS 9.4) remains unpatched; exploit module now public
A critical remote code execution (RCE) vulnerability rated 9.4/10 has been discovered in Gogs, a popular open-source self-hosted Git service

Comments
Sign in to join the conversation.
No comments yet. Be the first.