This page describes all security bulletins related to Google Cloud Observability.
GCP-2026-005
Published: 2026-01-28
| Description | Severity | Notes |
|---|---|---|
| This vulnerability affects the Log Analytics interface and the Cloud Monitoring dashboarding interface in versions prior to January 2026. **What should I do?** No user action is needed. The affected user interfaces were updated in January 2026 to include intervention points to prevent malicious SQL from running without an opportunity for the user to inspect it. **What vulnerabilities are being addressed?** The vulnerability allows an attacker to access limited contents of a target's Log Analytics or BigQuery tables when the target views an attacker-crafted dashboard. The vulnerability leverages BigQuery metadata channels to convey information about the target's table contents to an attacker-controlled Google Cloud project. The vulnerability is exacerbated by the dashboard interfaces' behavior of automatically executing queries to populate SQL-backed widgets, which prevents the target from inspecting the attacker-crafted query prior to executing it with their credentials. | High | |