High severityNVD Advisory· Published Apr 23, 2026· Updated Apr 24, 2026

CVE-2026-3259

Description

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error during the refresh process.

This vulnerability was patched on 29 January 2026, and no customer action is needed.

Affected products

GoogleCloudPlatform/Cloud Billing Samplesinferred

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.cloud.google.com/bigquery/docs/release-notes/nvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000