VYPR

Looker Studio

by Google

CVEs (3)

  • CVE-2025-12405HigNov 10, 2025
    risk 0.50cvss epss 0.00

    An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored…

  • CVE-2025-12397HigNov 10, 2025
    risk 0.49cvss epss 0.00

    A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability…

  • CVE-2025-12409HigNov 10, 2025
    risk 0.47cvss epss 0.00

    A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries…