Local Command Execution Vulnerability in Looker by Google
CVE-2025-12740

7.7 HIGH

Key Information:

Status
Vendor
CVE Published:
24 November 2025

What is CVE-2025-12740?

In Looker, a flaw exists where users holding the Developer role can exploit improperly filtered parameters in the IBM DB2 driver. This allows unauthorized commands to be executed through manipulated LookML scripts. Users of self-hosted Looker installations are urged to upgrade to the patched versions promptly; Looker-hosted instances have already received automatic mitigations. Affected self-hosted versions include those from 25.0.93 upwards to 25.16.44.

Affected Version(s)

  • Looker, Looker-hosted: versions from 0, earlier than 25.0.93
  • Looker, Looker-hosted: versions from 0, earlier than 25.6.84
  • Looker, Looker-hosted: versions from 0, earlier than 25.12.42

References

CVSS V4

Score: 7.7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published
  • Vulnerability reserved

Credit

RyotaK of GMO Flatt Security Inc.