On June 8th, 2026, we released an updated version of Apigee (1-17-0-apigee-9).
| Bug ID | Description |
|---|---|
| 514384893 | Security fix for Apigee. Hardened the Script policy to block server-side request forgery (SSRF) to link-local addresses. |
| N/A | Security fix for Apigee infrastructure. |
| Bug ID | Description |
|---|---|
| 512850756 | Added observability metrics for the OpenTelemetry trace export pipeline, reporting spans exported, export latency, batch size, and dropped spans. |
| 515039499 | Fixed an issue where OpenTelemetry trace export over HTTP could fail to authenticate when sent through a forward proxy that requires basic authentication. |
On June 2nd, 2026, we released an updated version of Apigee Cassandra.
| Bug ID | Description |
|---|---|
| Apigee Cassandra security update | Security fix for Apigee Cassandra infrastructure. This addresses the following vulnerabilities: |
On May 29, 2026, we released an updated version of the Apigee UI.
Apigee EventFlow now supports the DataCapture policy
You can now use the DataCapture policy within an EventFlow to extract and persist data from server-sent events (SSE) streams, such as token counts and other fields from streaming LLM responses. For more information, see Use the DataCapture policy to capture token counts.
Manage Spaces in the Apigee UI
You can now create, view, update, and delete spaces, and manage their Identity and Access Management (IAM) policies directly in the Apigee UI. Previously, these actions could only be performed using the Apigee API. For more information, see Apigee Spaces overview.
]]>Apigee Emulator
On May 22, 2026, we released Apigee Emulator version 2.0.0.
Starting with this release, the Apigee Emulator is versioned and released independently from Apigee hybrid. This enables faster delivery of security patches and updates without waiting for hybrid release cycles. The emulator image continues to be available at Google Artifact Registry.
To use the new version, update the emulator version in your VS Code Cloud Code
settings to 2.0.0. See
Manage the Apigee Emulator
for details.
Apigee Emulator
Apigee Emulator
This release addresses 78 security vulnerabilities across Cassandra base image, Go standard library, Java dependencies, and Python packages. Key fixes include:
| CVE | Component |
|---|---|
| CVE-2022-42003 | Jackson Databind |
| CVE-2022-42004 | Jackson Databind |
| CVE-2022-38749 | SnakeYAML |
| CVE-2022-38750 | SnakeYAML |
| CVE-2023-2976 | Google Guava |
| CVE-2020-8908 | Google Guava |
| CVE-2024-12798 | Logback |
| CVE-2025-22866 | Go stdlib |
| CVE-2025-22870 | Go stdlib |
| CVE-2022-40897 | Python setuptools |
And 68 additional CVEs fixed through updated upstream dependencies.
]]>On May 21st, 2026, we released an updated version of Apigee (1-17-0-apigee-8).
| Bug ID | Description |
|---|---|
| 514973778 | Fixed Model Armor response parsing to gracefully handle unknown fields, so future Model Armor field additions no longer cause policy failures. |
On May 20, 2026, we published a security bulletin for Apigee.
A vulnerability was found in Apigee
(CVE-2026-2264)
where the IntegrationRegion
parameter in the SetIntegrationRequest policy lacks validation,
allowing for Server-Side Request Forgery (SSRF) and service account token
exfiltration. The issue arises when an attacker can control a flow variable used
for IntegrationRegion, leading to requests being sent to an
attacker-controlled host with the service account token.
Security bulletin published: GCP-2026-034
]]>On May 12th, 2026, we released an updated version of Apigee (1-17-0-apigee-7).
| Bug ID | Description |
|---|---|
| 511325186, 505460952, 502250074, 491231600, 497357701, 509560467, 496969438, 495897297, 495033618, 511332617, 505183435, 500735547, 500890221 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
| Bug ID | Description |
|---|---|
| 480260846 | Improved XML processing security to prevent external entity injection. |
| 510061670, 505723451, 503723862, 503817773 | Improved security in OAuthV2 policy. |
| 505645076 | Fixed a security issue in OAuthV2 policy to prevent unauthorized token injection. |
| 503047744, 410026138, 496021751 | Improved security isolation for PythonScript policy execution. |
| 469694040 | Fixed an issue where custom security policies could intermittently fail to apply, and improved security policy resolution to ensure correct policy selection. |
| 502971220 | Fixed a concurrency issue to improve stability under high load. |
| 509692565 | Fixed content-length header handling in external processing to prevent incorrect values. |
| 282207038 | Improved performance while listing apps on scale. |
| 501102321 | Fixed recurring fee calculation in monetization to correctly apply rate plan overrides. |
| 449729840, 502604752 | Fixed streaming response handling to prevent race conditions in bidirectional flows. |
| 507167063 | Fixed preservation of client request IDs during proxy chaining. |
| 507580304 | Improved IPv4 address normalization for consistent access control evaluation. |
| 502692267 | MCP to handle /.well-known/oauth-protected-resource/mcp resource paths. |
| 430170696 | Changed the error response from 500 to 401 for expired consumer keys. |
| 480770263 | Fixed SpikeArrest policy to handle edge cases that previously caused 500 errors. |
| 500861814 | Gracefully handle connection failures involving the forward proxy, resolving an issue where port exhaustion could trigger aggressive retry storms, excessive CPU usage, and unnecessary scaling. |
| 500313309 | Fixed SSE streaming detection logic. |
| 494304819 | Hardened message processor management ports by blocking external access to internal management endpoints. |
| 469642464 | Improved input validation in AI protection policies to prevent Server-Side Request Forgery. |
| 472526232 | Improved SAML assertion validation. |
| 494590020 | Added enforcement for product association in OAuthV2 flow. Apps without valid products are now denied. |
| 479288727 | Improved performance and reduced redundant work in ingress status watcher. |
| N/A | Updates to infrastructure and libraries. |
On April 29th, 2026, we began maintenance updates of Apigee instances configured for maintenance windows.
If you set a preferred window for maintenance for your instance, and your instance version is below 1-17-0-apigee-4, your instance will be updated to 1-17-0-apigee-4 within the next seven to 21 days. A notification containing the expected date of upgrade will be sent within the next two business days.
For more information on participating in scheduled maintenance windows, see Maintenance overview and Manage Apigee instance maintenance windows.
]]>Relaxed limitation on header name for Client IP resolution
The client IP can now be resolved from any header, not just the X-Forwarded-For header. The most common headers are X-Forwarded-For or True-Client-Ip.
For more information, see Client IP resolution.
]]>Correction to April 2, 2026 release note: Deployment disruption for Apigee Drupal Portal via Google Cloud Marketplace
For the deployment disruption announced on April 2, the announcement noted that deployment and management functionality using Google Cloud Deployment Manager would definitely be unavailable during the transition. This statement is incorrect. The functionality might be unavailable.
See the Known issue for more information.
On April 6th, 2026, we released an updated version of Apigee.
This change introduces the new apigee.coreServiceAgent IAM role for
Apigee. Effective immediately, use apigee.coreServiceAgent instead of the
apigee.serviceAgent role.
For information on the new role, see
apigee.coreServiceAgent.
Deployment disruption for Apigee Drupal Portal via Google Cloud Marketplace
Google Cloud Deployment Manager was deprecated as of March 31, 2026. We are currently transitioning the Apigee Drupal Portal Marketplace solution to use Infrastructure Manager. During this transition period, some deployment and management functionalities are unavailable.
Impact:
gcloud deployment-manager tool.Workaround & Resolution: Any configuration changes or management tasks must be performed directly on the individual Google Cloud resources (Compute Engine, Cloud SQL, etc.) rather than through the Marketplace UI.
We are actively working to release the updated Infrastructure Manager-based solution.
]]>On March 31st, 2026, we released an updated version of Apigee.
General Availability (GA) launch of Model Context Protocol (MCP) in Apigee
With this release, Model Context Protocol (MCP) in Apigee is generally available, enabling you to expose your Apigee APIs as MCP tools to agentic applications.
Any MCP client that supports remote MCP endpoints over HTTP/S can access these tools. Because the endpoints are managed, you don't need to install or manage local MCP servers, remote MCP servers, or additional infrastructure to enable agentic applications to access your services.
MCP in Apigee is available for Subscription, Pay-as-you-go, and Evaluation organizations, including organizations with Data Residency and VPC Service Controls enabled.
For more information on using MCP in Apigee, see MCP in Apigee overview.
Enhanced OAS server URL path handling for MCP in Apigee
With this feature enhancement, your OpenAPI specification (OAS) configurations behave exactly
as defined in the OAS standard, automatically combining the server.url base path value with individual operation paths.
For example, a server URL ofhttps://example.com/api/v1 paired with a path of /users will now correctly route to https://example.com/api/v1/users without additional manual intervention.
If you previously prepended base paths to your OAS paths entries, remove the path segment from your servers.url field to prevent
duplication. For example, change https://example.com/api/v1 to https://example.com.
For more information, see Create an OpenAPI 3.0 specification.
Updated MCP server target endpoint for MCP Discovery Proxies
With the GA launch of Model Context Protocol (MCP) in Apigee, the structure of the MCP server target endpoint for MCP Discover Proxies has changed to ORG_NAME.mcp.apigee.internal.
Private preview customers using the previous format (mcp.apigee.internal) are encouraged to update their proxies to reflect the new structure. Existing endpoints using the old format will continue to work, but new endpoints will use the new structure.
Known Issue 496552286: Deployment fails for MCP Discovery Proxies in regions with capacity limitations.
For more information, see Apigee known issues.
]]>On March 26th, 2026, we released an updated version of Apigee (1-17-0-apigee-6).
| Bug ID | Description |
|---|---|
| 495897297, 495909767 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
| Bug ID | Description |
|---|---|
| N/A | Updates to infrastructure and libraries. |
On March 19th, 2026, we began maintenance updates of Apigee instances configured for maintenance windows.
If you set a preferred window for maintenance for your instance, and your instance version is below 1-16-0-apigee-6, your instance will be updated to 1-16-0-apigee-6 within the next seven to 21 days. A notification containing the expected date of upgrade will be sent within the next two business days.
For more information on participating in scheduled maintenance windows, see Maintenance overview and Manage Apigee instance maintenance windows.
]]>On March 17th, 2026, we released an updated version of Apigee (1-17-0-apigee-5).
| Bug ID | Description |
|---|---|
| N/A | Updates to infrastructure and libraries. |
On March 10th, 2026, we released an updated version of Apigee (1-17-0-apigee-4).
| Bug ID | Description |
|---|---|
| N/A | Updates to infrastructure and libraries. |
| Bug ID | Description |
|---|---|
| 483769763, 481735779 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
On February 24th, 2026, we released an updated version of Apigee (1-17-0-apigee-3).
| Bug ID | Description |
|---|---|
| 470375542 | Fixed a memory leak which could result in a spike in 503 responses with no_healthy_upstream messages. |
| 480997525 | Applied a fix for proxy calls failing with The URI contains illegal characters error after Netty upgrade. |
| 485595627 | Fixed an issue resulting in TLS handshake errors. |
| Bug ID | Description |
|---|---|
| 481735779, 457138941, 471232237 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
On February 13, 2026, we published a security bulletin for Apigee.
A vulnerability was identified in the Apigee platform (CVE-2025-13292) that could have allowed a malicious actor with administrative or developer-level permissions in their own Apigee environment to elevate privileges and access cross-tenant data.
Security bulletin published: GCP-2026-010
]]>On February 10, 2026, we released an updated version of Apigee (1-17-0-apigee-2).
| Bug ID | Description |
|---|---|
| 481735779, 457138941, 471232237 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
| 470375542 | Fixed a memory leak which could result in a spike in 503 responses with no_healthy_upstream messages. |
| 480997525 | Applied a fix for proxy calls failing with The URI contains illegal characters error after Netty upgrade. |
| 485543125 | Apigee no longer supports the following TLS_RSA cipher suites:
|
On February 6th, 2026, we released an updated version of Apigee.
| Bug ID | Description |
|---|---|
| 477294854, 477297075, 477297324, 470988850, 471662549 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
Known Issue: 480997525 - Proxy calls fail with The URI contains illegal characters error after Netty upgrade
On January 21st, 2026, we released an updated version of Apigee (1-17-0-apigee-1).
| Bug ID | Description |
|---|---|
| 471001896, 469829527, 470953822, 462478248, 474415498 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities: |
| Bug ID | Description |
|---|---|
| 433999957 | Implemented full TLS validation when fetching JWKS from remote URIs |
| 467762922 | Quota enforcement logic for Server-Sent Events (SSE) updated Quotas for SSE are now calculated strictly for events containing explicit token counts. The quota enforcement logic skips SSE that lack token usage metadata. |
| N/A | Updates to security, infrastructure, and libraries. |
On December 29th, 2025, we released an updated version of Apigee.
The Apigee Extension Processor provisioning API is available
Apigee Extension Processor customers can now use the Extension Processor provisioning API to create traffic extensions. For more information, see Get started with the Apigee Extension Processor
]]>On December 23, 2025, we released an updated version of Apigee.
New Apigee policies for LLM Token Management are now Generally Available (GA)
Two new Apigee policies for managing Large Language Model (LLM) workloads are now Generally Available (GA). These policies provide fine-grained control and rate-limiting for AI application traffic as follows:
<CountOnly> (placed in the response flow to track tokens consumed) or <EnforceOnly> (placed in the request flow to block calls if the quota is exceeded).HTTP 429 (Too Many Requests) status code.o200k_base encoding technique.HTTP 429 (Too Many Requests) status code.Related documents:
]]>On December 10th, 2025, we released an updated version of Apigee (1-16-0-apigee-6).
| Bug ID | Description |
|---|---|
| 458417250 | Multiple authorization headers Fixed issue where adding multiple authorization headers would cause Apigee to return a |
| N/A | Updates to security, infrastructure, and libraries. |
Mask KVM values
You can now turn on key value map (KVM) masking to mask values with asterisks (*****). For more information, see About KVM masking.
]]>On November 17, 2025, we released an updated version of Apigee (1-16-0-apigee-5).
Secure and validate documents using WS-Security with X.509 certificates
You can now secure and validate SOAP documents using WS-Security with X.509 certificates using crypto object methods. See Secure SOAP documents using WS-Security with X.509 certificates and Validate SOAP documents using WS-Security with X.509 certificates.
New field available in the Apigee Organization API
With this release, a new field is added to the Apigee Organization API. The new caCertificates (plural) field returns the value of the original CA certificate field and can hold additional values. The original caCertificate (singular) field is deprecated.
| Bug ID | Description |
|---|---|
| 454672970 | Added strict input validation to the SetIntegrationRequest policy |
| Bug ID | Description |
|---|---|
| N/A | Updates to security, infrastructure, and libraries. |
On October 31, 2025, we released an updated version of Apigee (1-16-0-apigee-4).
| Bug ID | Description |
|---|---|
| 452621774, 452381632, 441266643, 448498138 | Security fix for Apigee infrastructure. This addresses the following vulnerabilities:
|
| Bug ID | Description |
|---|---|
| 448647917 | Fixed a issue where non-SSL connections through a forward proxy could be improperly shared. |
| N/A | Updates to security, infrastructure, and libraries. |
On October 29, 2025, we released an updated version of Apigee.
Support for API-product scoped quotas
You can now set quotas at the API product level to limit the number of requests all API proxies in the API product can process within a specified time frame. See Configuring the quota policy to use API product quota settings for information and instructions.
NOTE: API product-scoped quotas are not supported in Apigee hybrid at this time.
Enhanced Validation for API products
Heightened validation logic for creating and updating API products is now available. Apigee now explicitly verifies proxy and environment resources against your organization when creating and updating API products.
Please ensure that all referenced resources exist and are correctly associated with your organization to avoid validation errors.
]]>On October 27, 2025, we released an updated version of Apigee.
Introduction of the target.evaluated.url flow variable
This release includes a new flow variable, target.evaluated.url,
which should be used instead of the target.url flow variable in
cases when the URL is dynamically constructed based on user input.
For more information, see the target flow variables documentation.
]]>