Find notable cyber news and cases, enriched with sources, timelines, and signals.

Google Looker SQL injection and RCE chain multiple vulnerabilities remote code execution flaw (CVE-2025-12743)

Vulnerability
First reported
Last updated
Happening score
H score 51
1 unique sources, 1 articles

Summary

Hide ▲

Researchers identified Google Looker flaws that could expose secrets, configurations, and cloud data, including possible cross-tenant access in GCP deployments. One issue is CVE-2025-12743, a SQL injection path into the internal database that stores protected data. The other is a chained RCE exploit that could run arbitrary code on a Looker server, and Google has since fixed both issues and directed on-prem customers to update to secure versions in GCP-2025-052.

Related Happenings

Google Dialogflow CX Code Blocks shared-runtime isolation security flaw

Vulnerability
H score32 First: 07.07.2026 19:37 Last: 07.07.2026 19:37 Sources 1

About this happening: **Google Dialogflow CX Code Blocks** had a shared-runtime isolation flaw that could let one editable agent affect other **Code Block-enabled agents** in the same **Google Cloud pr...

NHS England Digital libssh2 update advisory for CVE-2026-55200

Advisory/Mitigation
H score38 First: 29.06.2026 10:06 Last: 29.06.2026 10:06 Sources 1

About this happening: **NHS England Digital** has issued an **update advisory** for **libssh2** after a public proof-of-concept surfaced for **CVE-2026-55200**. The flaw can let a **malicious or compro...

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
H score16 First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Cursor local SQLite secret-storage exposing credentials security flaw

Vulnerability
H score34 First: 29.04.2026 18:00 Last: 29.04.2026 18:00 Sources 1

About this happening: A **high-severity** **Cursor** flaw lets installed extensions read secrets stored locally, exposing **API keys** and **session tokens** without user interaction. The weakness stem...

Unit 42 Zealot proves autonomous cloud attack chaining in GCP

Technical Analysis
H score28 First: 23.04.2026 13:00 Last: 23.04.2026 13:00 Sources 1

About this happening: **Unit 42's Zealot PoC** shows autonomous AI can chain cloud attack stages in a live **Google Cloud Platform** environment, shrinking defender reaction time to minutes. The system...

Timeline

  1. 04.02.2026 13:00 2 articles · 5mo ago

    Tenable discloses Looker SQL injection and RCE chain

    Initial Disclosure

    On 2026-02-04, Tenable researcher Liv Matan described two security flaws in Google Looker: CVE-2025-12743, a SQL injection path into Looker's internal database that stores user lists, secrets, and configurations, and a separate remote code execution chain that could run arbitrary code on a Looker server. The findings could let an attacker steal secrets and configurations, perform lateral movement inside the target environment, and, in Google Cloud Platform deployments, potentially reach other tenants' data.

    Show sources