Command Injection Vulnerability in Looker by Google Cloud
CVE-2025-12155

7.1 HIGH

Key Information:

Vendor: Google Cloud
CVE Published: 10 November 2025

What is CVE-2025-12155?

CVE-2025-12155 is a command injection vulnerability in Looker caused by improper sanitization of a file path. Because the path is passed to a shell without being sanitized, an attacker holding Developer permissions can supply a crafted path and have arbitrary shell commands executed on the host system when a deletion operation is performed on that path. Looker-hosted instances have already been patched; operators of self-hosted Looker must upgrade to a fixed release themselves. The fix is available in all supported self-hosted release lines.
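The defect class described above, shown as an added example that is not Looker's code and makes no claim about where the flaw sits in Looker: a delete routine that splices an untrusted file path into a shell command line, beside a hardened version that validates the path and calls the filesystem API directly. The function names and the payload are constructed for illustration.

```python
"""Command injection through an unsanitized file path in a delete operation.

Illustrative example only (not Looker code). Two versions of a "delete file
under a base directory" routine: one that hands the user-supplied path to a
shell, and one that validates it and never touches a shell.
"""
import os
import subprocess
import tempfile
from pathlib import Path


def delete_vulnerable(base_dir: str, user_path: str) -> None:
    # BAD: the untrusted path is interpolated into a shell command string.
    # Shell metacharacters in user_path (; | & $() `) are parsed as
    # additional commands and run with the service's privileges.
    subprocess.run(f"rm -f {base_dir}/{user_path}", shell=True, check=False)


def delete_hardened(base_dir: str, user_path: str) -> Path:
    # GOOD: validate the path, then use os.remove(); no shell is involved,
    # so metacharacters are just characters in a filename. Returns the
    # resolved path that was removed.
    if not user_path or "\x00" in user_path:
        raise ValueError("empty or NUL-containing path")
    candidate = Path(user_path)
    if candidate.is_absolute():
        raise ValueError("absolute paths are not allowed")
    base = Path(base_dir).resolve()
    target = (base / candidate).resolve()
    # Containment check on the *resolved* path: rejects '../' traversal and
    # symlinks that point outside base.
    if base not in target.parents:
        raise ValueError(f"path escapes base directory: {user_path!r}")
    if not target.is_file():
        raise FileNotFoundError(f"not a regular file: {target}")
    os.remove(target)
    return target


def demo() -> dict:
    """Runs both versions against a constructed payload in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "uploads"
        base.mkdir()
        marker = Path(tmp) / "pwned"
        # Constructed payload: terminates the rm command, then runs touch.
        payload = f"report.csv; touch {marker}"

        delete_vulnerable(str(base), payload)
        vulnerable_ran_touch = marker.exists()

        marker.unlink(missing_ok=True)
        hardened_error = None
        try:
            delete_hardened(str(base), payload)
        except (ValueError, FileNotFoundError) as exc:
            hardened_error = type(exc).__name__
        hardened_ran_touch = marker.exists()

        # The hardened version still performs a legitimate delete...
        legit = base / "report.csv"
        legit.write_text("constructed sample file")
        delete_hardened(str(base), "report.csv")
        legit_removed = not legit.exists()

        # ...and refuses a path that resolves outside the base directory.
        traversal_blocked = False
        try:
            delete_hardened(str(base), "../pwned")
        except ValueError:
            traversal_blocked = True

    return {
        "vulnerable_ran_injected_command": vulnerable_ran_touch,
        "hardened_ran_injected_command": hardened_ran_touch,
        "hardened_error": hardened_error,
        "legit_delete_removed": legit_removed,
        "traversal_blocked": traversal_blocked,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The hardened version fixes two separate problems: it removes the shell from the call path (so no amount of quoting trickery in the filename can become a command), and it bounds the operation to a directory after resolving symlinks and `..` components. If a subprocess is unavoidable, pass an argument list without `shell=True`; quoting with `shlex.quote` is a weaker fallback, since it protects only the shell layer and not the path containment.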

Affected Version(s)

  • Looker (Looker-hosted): versions earlier than 24.12.100 (fixed in 24.12.100)

  • Looker (Looker-hosted): versions earlier than 24.18.192 (fixed in 24.18.192)

  • Looker (Looker-hosted): versions earlier than 25.0.69 (fixed in 25.0.69)

The ranges are labelled Looker-hosted here, while the description states that Looker-hosted instances are already patched; for self-hosted deployments, treat the upper bounds as the minimum fixed build on each release line and confirm against the vendor advisory.

CVSS V4

Score: 7.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: Physical (as listed on this page)
Privileges Required: not recorded
User Interaction: not recorded

Note: "Physical" is not a valid CVSS v4 Attack Requirements value (that metric takes None or Present), and Privileges Required and User Interaction are missing, so the breakdown above is incomplete. The description implies that Developer-level privileges and a user-initiated deletion are both needed. Confirm the full vector string from the vendor advisory or NVD before using this score to prioritize patching.

Timeline

  • Vulnerability reserved

  • Vulnerability published: 10 November 2025

Credit

Tomas Lažauninkas