{"data":{"id":"6a1420e6-93fc-4b0b-bfe4-f2ea21dd768f","title":"GCP-2026-043","summary":"A vulnerability in Firebase Studio (Google's backend service for building apps) allowed authenticated users to access and download source code and list storage buckets belonging to other users' projects. The vulnerability has already been fixed and deployed to the backend service.","solution":"No action is required as the fix has been deployed. As a precautionary measure, users who stored sensitive information such as API keys (secret codes that grant access to services) in their Firebase Studio workspace may choose to rotate these keys by following instructions in the Firebase Studio troubleshooting guide.","labels":["security"],"sourceUrl":"https://docs.cloud.google.com/support/bulletins/index#gcp-2026-043","publishedAt":"2026-06-24T19:04:18.866Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google Firebase Studio","Google Cloud Platform (GCP)"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-24T19:04:18.866Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}