First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
5
Score
0/100
Findings (5)
Detects cloud provider token and credential endpoints
oauth2.googleapis.com/tokenBlock access to cloud instance metadata services using IMDSv2 token requirements, network rules, or iptables. This is a critical vector for credential theft in cloud environments.
Likely FP if the match is in security documentation explaining how to protect against SSRF/IMDS attacks rather than code that accesses the metadata service.
Detects cloud provider token and credential endpoints
oauth2.googleapis.com/tokenBlock access to cloud instance metadata services using IMDSv2 token requirements, network rules, or iptables. This is a critical vector for credential theft in cloud environments.
Likely FP if the match is in security documentation explaining how to protect against SSRF/IMDS attacks rather than code that accesses the metadata service.
Detects cloud provider token and credential endpoints
oauth2.googleapis.com/tokenBlock access to cloud instance metadata services using IMDSv2 token requirements, network rules, or iptables. This is a critical vector for credential theft in cloud environments.
Likely FP if the match is in security documentation explaining how to protect against SSRF/IMDS attacks rather than code that accesses the metadata service.
Detects cloud provider token and credential endpoints
oauth2.googleapis.com/tokenBlock access to cloud instance metadata services using IMDSv2 token requirements, network rules, or iptables. This is a critical vector for credential theft in cloud environments.
Likely FP if the match is in security documentation explaining how to protect against SSRF/IMDS attacks rather than code that accesses the metadata service.
Detects cloud provider token and credential endpoints
oauth2.googleapis.com/tokenBlock access to cloud instance metadata services using IMDSv2 token requirements, network rules, or iptables. This is a critical vector for credential theft in cloud environments.
Likely FP if the match is in security documentation explaining how to protect against SSRF/IMDS attacks rather than code that accesses the metadata service.