Remote Code Execution Vulnerability in Looker by Google Cloud
CVE-2025-12739

7.3 HIGH

Key Information:

Status
Vendor
CVE Published: 24 November 2025

What is CVE-2025-12739?

A vulnerability exists in Looker that allows an attacker with viewer permissions to craft a malicious URL. When an admin opens this URL, the attacker's script executes, posing significant security risks. This vulnerability affects both Looker-hosted and self-hosted deployments. While Looker-hosted instances have been automatically mitigated, self-hosted versions require urgent upgrades. All patched versions of the Looker Self-hosted product include protections against this vulnerability. Users are advised to download the latest supported versions from the Looker download page.

Affected Version(s)

Looker Looker-hosted 0 < 24.18.201

Looker Looker-hosted 0 < 25.0.79

Looker Looker-hosted 0 < 25.6.66

CVSS V4

Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Sivanesh Ashok
Sreeram KL