{"data":{"id":"5e772309-ac16-4b99-a307-e645c763512a","title":"The Risk of Exposed Cloud Functions and How to Harden","summary":"Publicly exposed serverless applications (cloud functions that run code without requiring you to manage servers) often lack proper authentication and input validation, making them vulnerable to attacks like LFI (local file inclusion, where attackers read files they shouldn't access) and command injection (inserting malicious commands into user inputs). Successful exploitation can give attackers full control of the container instance and potentially the entire cloud environment.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://cloud.google.com/blog/topics/threat-intelligence/exposed-cloud-functions-harden/","publishedAt":"2026-07-15T14:00:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google Cloud Run","Google Cloud Functions"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-15T14:00:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}