Approved changes feed: RSS · Atom

cpe:2.3:a:craftcms:google-cloud:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorCraftcms (251e238f-ce53-56ed-bc94-804b74356686)
ProductGoogle Cloud (a23f8647-e631-5334-a5db-e6f69961ccf1)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-32266 vulnerable 2026-06-08 07:57:17.327913 Google Cloud Storage for Craft CMS has an Information Disclosure Vulnerability
The Google Cloud Storage for Craft CMS plugin provides a Google Cloud Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.2.1, the `DefaultController->actionLoadBucketData()` endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin is allowed to see. Users should update to version 2.2.1 of the plugin to mitigate the issue.
Published: 2026-03-18T03:46:00.150Z
Updated: 2026-03-18T18:08:06.854Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.