SQL Injection in Google Cloud Looker Studio

CVE-2025-12397

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery…

Vulnerability class: SQL Injection

EPSS: 0.003 (19.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References