The story of Google's response is one of whiplash-inducing contradictions.
Phase 1 — "Nice Catch!" O'Leary reported the bug to Google on March 8, 2026. On March 27, a Google security engineer accepted the report and told him "Nice Catch!" The engineer said they filed a bug with the relevant product team and assured O'Leary they would work with Google Cloud to fix the flaw, writing: "We'll work with the product team to ensure this issue is addressed. We'll let you know when the issue was fixed". Google assigned the bug P1 priority (highest) and S1 severity (critical — affects a large percentage of users and can disrupt core organizational functions).
Phase 2 — "Working as intended." On April 7 — 11 days later — O'Leary received a message from a Google Security Bot reversing the decision. The Cloud Vulnerability Reward Program panel concluded the "security impact of this issue does not meet the criteria to qualify for a reward" and that the software "is working as intended". Google denied any bounty payout.
The contradiction: As of The Register's June 18 report, Google's internal bug tracker still listed ConfigConfusion as P1/S1 with status "in progress (accepted)" — conflicting with the public position that no vulnerability exists.
As of mid-June 2026 — over three months after the initial report — the vulnerability remains unpatched and unresolved. O'Leary has since published a research blog post with full technical details at olearysec.com.
In early May 2026, Google overhauled its Vulnerability Reward Programs for Chrome and Android, explicitly citing the rise of AI tools in vulnerability discovery.
Key changes:
Critics argue this creates an awkward contrast: Google cuts Chrome payouts due to "AI noise" while simultaneously denying a human researcher's carefully reported, CVSS 10.0 cloud infrastructure bug on the grounds that it's "working as intended" — a decision many in the security community have called short-sighted and damaging to researcher trust.