CVE-2025-12405

CVE-2025-12405 describes an improper privilege management vulnerability in Looker Studio affecting all JDBC-based connectors. The underlying issue: a user with report view access can copy a report and trigger execution of arbitrary SQL on the data source database because stored credentials attach...

EUVD-2025-44043

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

CVE-2025-12397 SQL Injection in Looker Studio

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Cybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft's Windows Remote Procedure Call RPC communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server. The vulnerability, tracked as...