Rosa Del Mar

Daily Brief

Issue 57 2026-02-26

Cross-Service API Key Reuse And Retroactive Permission Expansion

General
Sources: 1 • Confidence: High • Updated: 2026-04-12 10:08

Key takeaways

  • Gemini and Google Maps (and other Google services) can share the same Google Cloud API keys rather than using per-service isolated keys.
  • The source recommends that developers check whether any of their API keys are affected by cross-service Gemini access risk.
  • Truffle Security reported finding 2,863 API keys in the November 2025 Common Crawl that could access Gemini, and they verified access by calling the Gemini "/models" listing endpoint.
  • A developer can accidentally enable Gemini billing on a Google Cloud API key that was previously public and may already be widely exposed.
  • Enabling the Gemini API on the same Google Cloud project can retroactively expand an existing API key's permissions in a way described as privilege escalation.

Sections

Cross-Service API Key Reuse And Retroactive Permission Expansion

  • Gemini and Google Maps (and other Google services) can share the same Google Cloud API keys rather than using per-service isolated keys.
  • A developer can accidentally enable Gemini billing on a Google Cloud API key that was previously public and may already be widely exposed.
  • Enabling the Gemini API on the same Google Cloud project can retroactively expand an existing API key's permissions in a way described as privilege escalation.

Mitigation Expectations And Operator Watch Items

  • The source recommends that developers check whether any of their API keys are affected by cross-service Gemini access risk.
  • Google is working to revoke affected API keys.
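The check recommended above can be started from key metadata rather than from live calls. The following is an added example, not code from the brief or from Truffle Security: it audits Google Cloud API keys in the JSON shape that `gcloud services api-keys list --format=json` returns (the field names `restrictions.apiTargets[].service`, `browserKeyRestrictions.allowedReferrers` and `serverKeyRestrictions.allowedIps` are assumed from the API Keys API) and flags the two situations the brief describes: keys with no API restriction, which are valid for every API enabled on the project and so gain Gemini access the moment the Generative Language API (`generativelanguage.googleapis.com`) is enabled, and keys explicitly shared between Gemini and another service. The sample keys are constructed.

```python
"""Audit Google Cloud API keys for cross-service Gemini exposure.

Added example (not the brief's or Truffle Security's code). Input is a
list of key records in the shape assumed from
`gcloud services api-keys list --format=json`.
"""
from __future__ import annotations

import json
from dataclasses import dataclass, field

# Service name of the Gemini (Generative Language) API on Google Cloud.
GEMINI_SERVICE = "generativelanguage.googleapis.com"

# Constructed sample output; key names and UIDs are placeholders.
SAMPLE_KEYS_JSON = """[
  {"name": "projects/PROJECT_ID/locations/global/keys/KEY-1",
   "displayName": "maps-web",
   "restrictions": {
     "apiTargets": [{"service": "maps-backend.googleapis.com"}],
     "browserKeyRestrictions": {"allowedReferrers": ["https://example.com/*"]}}},
  {"name": "projects/PROJECT_ID/locations/global/keys/KEY-2",
   "displayName": "legacy-unrestricted"},
  {"name": "projects/PROJECT_ID/locations/global/keys/KEY-3",
   "displayName": "shared-key",
   "restrictions": {
     "apiTargets": [{"service": "maps-backend.googleapis.com"},
                    {"service": "generativelanguage.googleapis.com"}]}}
]"""


@dataclass
class Finding:
    key_name: str
    display_name: str
    reasons: list[str] = field(default_factory=list)


def load_keys(text: str) -> list[dict]:
    """Parse the JSON array produced by `gcloud services api-keys list`."""
    return json.loads(text)


def _api_targets(key: dict) -> list[str]:
    """Services the key is restricted to; empty means unrestricted."""
    targets = key.get("restrictions", {}).get("apiTargets", [])
    return [t.get("service", "") for t in targets]


def _has_client_restriction(key: dict) -> bool:
    """True if a referrer, IP, Android app or iOS bundle restriction is set."""
    r = key.get("restrictions", {})
    return bool(
        r.get("browserKeyRestrictions", {}).get("allowedReferrers")
        or r.get("serverKeyRestrictions", {}).get("allowedIps")
        or r.get("androidKeyRestrictions", {}).get("allowedApplications")
        or r.get("iosKeyRestrictions", {}).get("allowedBundleIds")
    )


def audit_keys(keys: list[dict], gemini_enabled: bool) -> list[Finding]:
    """Return one Finding per key that is, or would become, Gemini-capable.

    gemini_enabled says whether the Generative Language API is already
    enabled on the project; it changes the wording, not the verdict.
    """
    findings: list[Finding] = []
    for key in keys:
        reasons: list[str] = []
        targets = _api_targets(key)
        if not targets:
            reasons.append(
                "no API restriction: valid for every API enabled on the project"
                + (", including Gemini" if gemini_enabled
                   else "; enabling Gemini would expand it")
            )
        elif GEMINI_SERVICE in targets and any(t != GEMINI_SERVICE for t in targets):
            reasons.append("shared between Gemini and other services: " + ", ".join(targets))
        # A flagged key with no client restriction is usable from anywhere if leaked.
        if reasons and not _has_client_restriction(key):
            reasons.append("no referrer/IP/app restriction: usable from anywhere if leaked")
        if reasons:
            findings.append(Finding(key["name"], key.get("displayName", ""), reasons))
    return findings


if __name__ == "__main__":
    for f in audit_keys(load_keys(SAMPLE_KEYS_JSON), gemini_enabled=True):
        print(f"{f.display_name} ({f.key_name})")
        for reason in f.reasons:
            print(f"  - {reason}")
```

Pipe real output into `load_keys` and run `audit_keys` with `gemini_enabled` set from the project's enabled services. A key that is flagged for having no API restriction is the case the brief calls retroactive permission expansion: nothing about the key changes, only the set of APIs it is valid for. Remediation is to scope each key to the one service it exists for (in the gcloud reference this is `gcloud services api-keys update KEY --api-target=service=...`) and to rotate any key that was ever public.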

Internet-Scale Exposure Measurement And Verification

  • Truffle Security reported finding 2,863 API keys in the November 2025 Common Crawl that could access Gemini, and they verified access by calling the Gemini "/models" listing endpoint.

Watchlist

  • The source recommends that developers check whether any of their API keys are affected by cross-service Gemini access risk.

Unknowns

  • Under what exact conditions does a Google Cloud API key used for one service (e.g., Maps) become valid for Gemini (e.g., project-level enablement, default scopes, key restriction settings)?
  • What actions are possible with the exposed keys beyond calling the Gemini "/models" listing endpoint (e.g., actual inference, higher-cost operations, or access to other resources)?
  • How many of the 2,863 keys remain valid today, and what fraction are protected by referrer/IP/API restrictions that would prevent practical abuse?
  • What is Google’s concrete remediation plan (scope of revocations, timelines, notification mechanisms, and safe migration guidance for affected customers)?
  • Is there evidence of active exploitation or measurable fraud/cost incidents tied to this mechanism (as opposed to potential exposure)?

Investor overlay

Read-throughs

  • Higher scrutiny and cost risk for Google Cloud API key management could drive demand for secret scanning, key rotation, and cloud posture tooling, especially where public keys were previously considered low impact.
  • Near-term customer engineering effort may increase for auditing, restricting, and rotating Google Cloud API keys if retroactive permission expansion is confirmed and broadly affects existing projects.

What would confirm

  • Google publishes a detailed remediation plan covering revocations, notifications, timelines, and migration guidance for affected customers.
  • Independent verification shows exposed keys can perform Gemini inference or other billable actions beyond listing models, not just the models endpoint.
  • Data indicates a large fraction of the reported keys remain valid and practically usable despite referrer, IP, or API restrictions.

What would kill

  • Analysis shows that Gemini access requires explicit per-key configuration, or that restrictions typically prevent cross-service abuse, limiting practical impact.
  • Provider side changes rapidly invalidate or isolate previously exposed keys, and customers report minimal rotation and remediation workload.
  • No evidence emerges of actionable operations beyond model listing and no measurable fraud or cost incidents are tied to this mechanism.

Sources