Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

AlloyDB for PostgreSQL

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-7428
Assigner-f45cbf4e-4146-4068-b7e1-655ffc2c548c
ShareView Details
Assigner-f45cbf4e-4146-4068-b7e1-655ffc2c548c
CVSS Score-9.2||CRITICAL
EPSS-Not Assigned
Published-12 May, 2026 | 09:16
Updated-12 May, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure default administrative credentials in AlloyDB for PostgreSQL

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it.

Action-Not Available
Vendor-Google Cloud
Product-AlloyDB for PostgreSQL
CWE ID-CWE-1392
Use of Default Credentials