CVE-2026-4764EPSS p10.7%

CVE-2026-4764CVE-2026-4764

Description

A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potentially take over a GCP project using a maliciously crafted playbook import. This vulnerability was patched on 15 March 2026, and no customer action is needed.

Scoring

EPSS0.21% probability of exploitation · percentile 10.7% · 2026-06-19T12:03:05Z
Last modified2026-06-11
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.