Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE

Palo Alto Unit42·4h·Reputable

Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more. The post Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE appeared first on Unit 42.

Categories cybersecurity · government-security · unknown-it-category-15

Original source / advisory ↗

Published

6/16/2026, 10:00:29 AM

Fetched

6/16/2026, 12:19:33 PM

Trust

reputable · 80/100

Language