A critical vulnerability in the Google Cloud Vertex AI SDK for Python allows attackers to achieve cross-tenant Remote Code Execution (RCE) via bucket squatting. By predicting default staging bucket names and exploiting a lack of ownership verification, attackers can intercept model uploads and inject malicious pickle payloads, leading to the theft of highly privileged service account tokens.