This vulnerability was patched on 15 March 2026, and no customer action is needed.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 11 Jun 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 11 Jun 2026 12:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Google
Google cloud Dialogflow Cx |
|
| Vendors & Products |
Google
Google cloud Dialogflow Cx |
Thu, 11 Jun 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was patched on 15 March 2026, and no customer action is needed. | |
| Title | Privilege Escalation in Dialogflow CX via Playbook Import | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: GoogleCloud
Published:
Updated: 2026-06-11T12:41:05.278Z
Reserved: 2026-03-24T11:41:11.276Z
Link: CVE-2026-4764
Updated: 2026-06-11T12:41:00.624Z
Status : Awaiting Analysis
Published: 2026-06-11T12:16:31.620
Modified: 2026-06-11T15:22:48.573
Link: CVE-2026-4764
No data.
OpenCVE Enrichment
Updated: 2026-06-11T12:30:14Z