BigQuery
Feature
Support for the AI.AGG function preview
has been temporarily disabled. We are working to restore this feature as soon as
possible.
Feature
To reduce LLM token consumption and query latency when processing large datasets, enable optimized mode using the following managed AI functions:
This feature is in Preview.
Feature
The following managed AI functions use Gemini to help you filter, join, rank, and classify your data:
AI.IF: Filter and join text and unstructured data (such as images, PDFs, audio, or video) based on a condition described in natural language.AI.SCORE: Rate text and unstructured data (such as images, PDFs, audio, or video) to rank your data by quality, similarity, or other criteria.AI.CLASSIFY: Classify text and unstructured data (such as images, PDFs, audio, or video) into user-defined categories.
These functions are generally available (GA).
Feature
You can use visualization cells to automatically generate a visualization of any DataFrame in your notebook. You can customize the columns, chart type, aggregations, colors, labels, and title.
This feature is generally available (GA).
Bigtable
Feature
You can now use GoogleSQL geography functions to work with geospatial data in Bigtable. This feature is generally available (GA). For more information, see Work with geospatial data and Geography functions reference.
Feature
Bigtable supports pipe syntax, an extension to GoogleSQL that lets you build simpler and more concise queries. This feature is generally available (GA).
Cloud CDN
Feature
Google Kubernetes Engine (GKE) Gateway supports Cloud CDN to help you cache content closer to your users, improve application latency, and reduce origin load. Using GKE Gateway APIs, you can configure, manage, and fine-tune caching configurations for different segments of your traffic. This feature is in Preview.
For more information, see Configure Cloud CDN for Gateway.
Cloud Logging
Libraries
Go
{: track-name=’go’} #### v1.15.0 (2026-04-09)Cloud Monitoring
Feature
Application Monitoring can display a single, dynamic topology map showing your App Hub applications and your registered and discovered services and workloads. This interactive map identifies services and workloads that have open incidents. It also displays the error rates and P95 latency between your services and workloads.
To learn more, see the following:
Cloud NAT
Feature
General Availability: Cloud NAT gateways for Public NAT support source-based NAT rules for IPv4 addresses.
Cloud Run
Feature
Support for NVIDIA RTX PRO 6000 Blackwell GPU is in General Availability. For more information, see GPU support for services, jobs, and worker pools.
Cloud Service Mesh
Announcement
1.28.5-asm.12 is now available for in-cluster Cloud Service Mesh.
This patch release contains fixes for the following platform CVEs:
| CVE | Proxy | Control Plane | Distroless | CNI | Severity |
|---|---|---|---|---|---|
| CVE-2026-33186 | Yes | Yes | Yes | Yes | Critical (9.1) |
| CVE-2026-3731 | Yes | Yes | No | Yes | High (7.5) |
| CVE-2026-3784 | Yes | Yes | No | Yes | Medium (6.5) |
| CVE-2026-1965 | Yes | Yes | No | Yes | Medium (6.5) |
| CVE-2026-29111 | Yes | Yes | No | Yes | Medium (5.5) |
| CVE-2026-3783 | Yes | Yes | No | Yes | Medium (5.3) |
| CVE-2025-0167 | Yes | Yes | No | Yes | Low (3.4) |
For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh. Cloud Service Mesh 1.28.5-asm.12 uses Envoy 1.36.5-dev.
Announcement
1.27.8-asm.9 is now available for in-cluster Cloud Service Mesh.
This patch release contains fixes for the following platform CVEs:
| CVE | Proxy | Control Plane | Distroless | CNI | Severity |
|---|---|---|---|---|---|
| CVE-2026-33186 | Yes | Yes | Yes | Yes | Critical (9.1) |
| CVE-2026-3731 | Yes | Yes | No | Yes | High (7.5) |
| CVE-2026-3784 | Yes | Yes | No | Yes | Medium (6.5) |
| CVE-2026-1965 | Yes | Yes | No | Yes | Medium (6.5) |
| CVE-2026-29111 | Yes | Yes | No | Yes | Medium (5.5) |
| CVE-2026-3783 | Yes | Yes | No | Yes | Medium (5.3) |
| CVE-2025-0167 | Yes | Yes | No | Yes | Low (3.4) |
For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh. Cloud Service Mesh 1.27.8-asm.9 uses Envoy 1.35.10-dev.
Announcement
The following images are now rolling out for managed Cloud Service Mesh:
- 1.21.6-asm.19 is rolling out to the rapid release channel.
- 1.20.8-asm.73 is rolling out to the regular release channel.
- 1.19.10-asm.66 is rolling out to the stable release channel.
These patch releases contain the fixes for the following CVEs:
| CVE | Proxy | Control Plane | Distroless | CNI | MDPC | Severity |
|---|---|---|---|---|---|---|
| CVE-2022-27943 | Yes | Yes | Yes | No | No | Medium (5.5) |
| CVE-2023-4039 | Yes | Yes | Yes | No | No | Medium (4.8) |
| CVE-2023-4527 | Yes | Yes | Yes | No | No | Medium (6.5) |
| CVE-2023-4806 | Yes | Yes | Yes | No | No | Medium (5.9) |
| CVE-2023-4911 | Yes | Yes | Yes | No | No | High (7.8) |
| CVE-2023-5156 | Yes | Yes | Yes | No | No | High (7.5) |
| CVE-2023-6246 | Yes | Yes | Yes | No | No | High (7.8) |
| CVE-2024-2961 | Yes | Yes | Yes | No | No | High (7.3) |
| CVE-2024-33599 | Yes | Yes | Yes | No | No | High (8.1) |
| CVE-2024-33600 | Yes | Yes | Yes | No | No | Medium (5.9) |
| CVE-2024-33601 | Yes | Yes | Yes | No | No | High (7.3) |
| CVE-2024-33602 | Yes | Yes | Yes | No | No | High (7.4) |
| CVE-2025-0167 | Yes | Yes | No | No | No | Low (3.4) |
| CVE-2025-0395 | Yes | Yes | Yes | Yes | No | Medium (6.2) |
| CVE-2025-15281 | Yes | Yes | Yes | No | No | High (7.5) |
| CVE-2025-4802 | Yes | Yes | Yes | Yes | No | High (7.8) |
| CVE-2025-68972 | Yes | Yes | No | No | No | Medium (4.7) |
| CVE-2025-8058 | Yes | Yes | Yes | No | No | Low (0.0) |
| CVE-2025-8941 | Yes | Yes | No | No | No | Low (0.0) |
| CVE-2026-0861 | Yes | Yes | Yes | No | No | High (8.4) |
| CVE-2026-0915 | Yes | Yes | Yes | No | No | High (7.5) |
| CVE-2026-1965 | Yes | Yes | No | Yes | Yes | Medium (6.5) |
| CVE-2026-29111 | Yes | Yes | No | Yes | Yes | Medium (5.5) |
| CVE-2026-33186 | Yes | Yes | Yes | No | No | Critical (9.1) |
| CVE-2026-3731 | Yes | Yes | No | Yes | Yes | High (7.5) |
| CVE-2026-3783 | Yes | Yes | No | Yes | Yes | Medium (5.3) |
| CVE-2026-3784 | Yes | Yes | No | No | No | Medium (6.5) |
Announcement
1.26.8-asm.5 is now available for in-cluster Cloud Service Mesh.
This patch release contains fixes for the following platform CVEs:
| CVE | Proxy | Control Plane | Distroless | CNI | Severity |
|---|---|---|---|---|---|
| CVE-2026-33186 | Yes | Yes | Yes | Yes | Critical (9.1) |
| CVE-2026-3731 | Yes | Yes | No | Yes | High (7.5) |
| CVE-2026-3784 | Yes | Yes | No | Yes | Medium (6.5) |
| CVE-2026-1965 | Yes | Yes | No | Yes | Medium (6.5) |
| CVE-2026-29111 | Yes | Yes | No | Yes | Medium (5.5) |
| CVE-2026-3783 | Yes | Yes | No | Yes | Medium (5.3) |
| CVE-2025-68972 | Yes | No | No | Yes | Medium (4.7) |
| CVE-2025-0167 | Yes | Yes | No | Yes | Low (3.4) |
| CVE-2025-8941 | Yes | No | No | Yes | Low (0.0) |
For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh. Cloud Service Mesh 1.26.8-asm.5 uses Envoy 1.34.14-dev.
Colab Enterprise
Feature
Visualization cells
Generally available: You can use visualization cells to generate interactive and editable visualizations from within a Colab Enterprise notebook. You can configure the chart type, aggregation, colors, labels, and other aspects of the visualization to help you explore data and discover insights. For more information, see Use visualization cells.
Gemini
Fixed
Quota issues fixed in VS Code
Various bug fixes related to quota issues.
Fixed
Quota issues fixed in VS Code
Various bug fixes related to quota issues.
Gemini Enterprise
Feature
Gemini Enterprise: Enhanced filtering for Google Chat data stores (Preview)
You can configure filters for your Google Chat data stores using either the Google Cloud console or the API. These filters allow you to define exactly which Google Chat data is accessible to the Assistant by including or excluding specific content.
This feature is in Public Preview and is applicable for federated search only. For more information, see Set up a Google Chat data store and Add filters to a Google Chat data store.
Google Kubernetes Engine
Change
The validation of the HealthCheckPolicy custom resource from the
GKE Gateway API is more rigorous in GKE
version 1.34 and later. Existing HealthCheckPolicy resources that already
contain mismatched type fields in the config are exempted and continue to
function. However, updates to any existing policy must not introduce a
mismatched type field in the config or change currently mismatched
fields to new invalid values.
When the HealthCheckPolicy custom resource is validated, the type field
is now verified against the specified health check. For example, if
type: TCP is specified but httpHealthCheck is configured, then the fields
are mismatched and kubectl rejects the policy. However, for this same example,
if type: TCP is specified and tcpHealthCheck is configured, then the
fields are valid.
Earlier versions of GKE accept custom resources that don’t have matching fields. If you use an earlier version, the type field is used and the configuration in the health check field is ignored.
For more details, see Configure health checks.
Identity and Access Management
Feature
Requesters can schedule grant requests in Privileged Access Manager up to seven days in advance. This lets requesters align access with scheduled maintenance or on-call shifts.
This feature is in preview.
For more information, see Privileged Access Manager overview.
Memorystore for Valkey
Feature
Version 1.0 of Bloom filters and JSON documents is Generally Available.
Source: Google Cloud Platform
