LeakyLooker Vulnerabilities in Google Looker Studio
Summary
Hide ▲
Show ▼
Nine cross-tenant vulnerabilities, collectively named LeakyLooker, were discovered in Google Looker Studio. These flaws could allow attackers to execute arbitrary SQL queries on victims' databases and exfiltrate sensitive data within Google Cloud environments. The vulnerabilities were disclosed responsibly and have been addressed by Google. No evidence of exploitation in the wild has been found.
Timeline
-
10.03.2026 15:20 1 articles · 22h ago
LeakyLooker Vulnerabilities Disclosed and Patched
Nine cross-tenant vulnerabilities in Google Looker Studio, collectively named LeakyLooker, were disclosed in June 2025. These flaws could enable attackers to execute arbitrary SQL queries and exfiltrate sensitive data within Google Cloud environments. The vulnerabilities have been addressed by Google, and there is no evidence of exploitation in the wild.
Show sources
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries — thehackernews.com — 10.03.2026 15:20
Information Snippets
-
LeakyLooker includes nine vulnerabilities affecting Google Looker Studio.
First reported: 10.03.2026 15:201 source, 1 articleShow sources
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries — thehackernews.com — 10.03.2026 15:20
-
The flaws could enable cross-tenant SQL injection and unauthorized data access.
First reported: 10.03.2026 15:201 source, 1 articleShow sources
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries — thehackernews.com — 10.03.2026 15:20
-
No evidence of exploitation in the wild has been reported.
First reported: 10.03.2026 15:201 source, 1 articleShow sources
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries — thehackernews.com — 10.03.2026 15:20
-
The vulnerabilities were disclosed in June 2025 and have been addressed by Google.
First reported: 10.03.2026 15:201 source, 1 articleShow sources
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries — thehackernews.com — 10.03.2026 15:20
-
Successful exploitation could allow attackers to exfiltrate, insert, or delete data in victims' Google Cloud environments.
First reported: 10.03.2026 15:201 source, 1 articleShow sources
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries — thehackernews.com — 10.03.2026 15:20