SQL Injection in Google Cloud Looker Studio
CVE-2025-12397
A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery…
Vulnerability class: SQL Injection
EPSS: 0.003 (19.4th percentile) — read the EPSS interpretation.
Affected products
- Google Cloud Looker Studio — versions 0