CVE-2026-4764

Vulnerability

A missing authorization vulnerability exists in the playbook import functionality of Dialogflow CX on Google Cloud Platform. An authenticated user with specific roles (e.g., Dialogflow Editor) can import a maliciously crafted playbook that bypasses access controls. The issue affects all versions prior to the patch applied on 15 March 2026 [1].

Exploitation

An attacker must have authenticated access to a GCP project with a role that permits playbook import (such as dialogflow.editor). The attacker crafts a playbook file that exploits the missing authorization check and imports it via the Dialogflow CX API or console. No additional user interaction is required beyond the import action.

Impact

Successful exploitation allows the attacker to escalate privileges within the GCP project, potentially gaining owner-level access. This can lead to full project takeover, including control over all resources, data exfiltration, and further lateral movement within the organization's GCP environment.

Mitigation

The vulnerability was patched by Google on 15 March 2026 as part of a server-side update. No customer action is required; the fix is automatically applied to all Dialogflow CX instances. The patch is documented in the Dialogflow release notes [1].