CVE-2025-12397

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

CVE-2025-12405

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVE-2025-12409

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

CVE-2025-12405

CVE-2025-12405 describes an improper privilege management vulnerability in Looker Studio affecting all JDBC-based connectors. The underlying issue: a user with report view access can copy a report and trigger execution of arbitrary SQL on the data source database because stored credentials attach...

EUVD-2025-44043

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVE-2025-12409

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

CVE-2025-12397

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

CVE-2025-12409

Looker Studio SQL injection via malicious report with native functions enabled could exfiltrate data from BigQuery. By delivering a report and having the victim open it, an attacker could execute injected SQL queries using the victim’s BigQuery permissions. Affects Looker Studio components involv...

EUVD-2025-44038

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

CVE-2025-12409 SQL Injection in Looker Studio

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

CVE-2025-12409 SQL Injection in Looker Studio

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

CVE-2025-12397 SQL Injection in Looker Studio

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

EUVD-2025-44039

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

CVE-2025-12397 SQL Injection in Looker Studio

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

CVE-2025-12397

CVE-2025-12397 is a SQL injection vulnerability in Looker Studio that affects reports using BigQuery as the data source. A Looker Studio user with report view access could inject malicious SQL that runs with the report owner’s permissions. The issue’s impact is tied to the data source and report ...

PT-2025-45607

Name of the Vulnerable Software and Affected Versions Looker Studio versions prior to 07 July 2025 Description A SQL injection issue was identified in Looker Studio, potentially allowing unauthorized data exfiltration from BigQuery data sources. An attacker could create a malicious report with...

PT-2025-45606

Name of the Vulnerable Software and Affected Versions Looker Studio versions prior to 21 July 2025 Description A SQL injection issue exists in Looker Studio. A user with report view access can inject malicious SQL code that is executed with the permissions of the report owner. This affects report...

PT-2025-45609

Name of the Vulnerable Software and Affected Versions Looker Studio affected versions not specified Description An improper privilege management issue was identified in Looker Studio, affecting all JDBC-based connectors. A Looker Studio user with report view access could create a copy of a report...