Cybersecurity firm Tenable has disclosed a suite of nine critical vulnerabilities, collectively dubbed "LeakyLooker," within Google's Looker Studio business intelligence platform. These flaws fundamentally broke the platform's security design, enabling a novel attack class where threat actors could execute arbitrary SQL queries on victims' databases. This could have led to the unauthorized exfiltration, insertion, or deletion of sensitive data across organizations' Google Cloud Platform (GCP) environments. The vulnerabilities, for which there is no evidence of in-the-wild exploitation, were responsibly disclosed to Google in June 2025 and have since been patched.
The scope of potential impact was extensive, affecting any organization utilizing Looker Studio's data connectors. This includes integrations with core Google services like Google Sheets, BigQuery, Cloud Storage, and Spanner, as well as external databases via JDBC connectors for PostgreSQL, MySQL, and others. According to Tenable researcher Liv Matan, the flaws could have allowed attackers to access entire datasets and projects across different cloud tenants, effectively breaching the isolation between GCP customers.
Exploitation could occur through multiple vectors. An attacker could scan for publicly accessible Looker Studio reports, or obtain access to private ones, that were built on a vulnerable connector such as BigQuery. By exploiting the flaws, they could reach the underlying databases and run arbitrary SQL across the victim's entire GCP project. A particularly insidious path involved a logic flaw in the "copy report" feature. If a victim created a report using a JDBC-connected data source (e.g., PostgreSQL) and shared it, an attacker could clone the report. Critically, the clone retained the original owner's database credentials, so every query the attacker issued through it ran as the owner, granting persistent access to read, modify, or delete tables.
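A defender's check for the two patterns above (arbitrary SQL reaching a BigQuery project through Looker Studio, and a cloned report still running under the owner's credentials), as an added example that is not part of Tenable's report or Google's code. It assumes the BigQueryAuditMetadata log shape (`protoPayload.metadata.jobChange.job`) and the labels Looker Studio attaches to the BigQuery jobs it issues (`requestor`, `looker_studio_datasource_id`, `looker_studio_report_id`); confirm both against your own exported logs before relying on it. The log entries, project, principal and report IDs are constructed for illustration.

```python
"""Hunt BigQuery audit logs for abusive Looker Studio-issued jobs.

Added example; assumes the BigQueryAuditMetadata entry shape and the
Looker Studio job labels named in the lead-in. Sample log entries below
are constructed, not captured from a real project.
"""
import json
import re

# The only statement type a report-driven data source should normally issue.
READ_ONLY = {"SELECT"}
# Fallback when statementType is absent: crude DML/DDL detector on query text.
DML_RE = re.compile(
    r"^\s*(INSERT|UPDATE|DELETE|MERGE|DROP|TRUNCATE|ALTER|CREATE)\b", re.I
)


def job_from_entry(entry):
    """Pull the job record out of an audit log entry (assumed field path)."""
    return (entry.get("protoPayload", {})
                 .get("metadata", {})
                 .get("jobChange", {})
                 .get("job", {}))


def analyze(entries, known_reports):
    """Return findings for Looker Studio jobs that look like abuse.

    known_reports: {datasource_id: {report_id, ...}} - the reports you
    built on each data source. A job carrying a known data source id but
    an unknown report id is the trace a cloned report reusing the owner's
    credentials leaves: the principal is still the owner, so only the
    report id gives the clone away.
    """
    findings = []
    for entry in entries:
        job = job_from_entry(entry)
        cfg = job.get("jobConfig", {})
        labels = cfg.get("labels", {})
        if labels.get("requestor") != "looker_studio":
            continue  # not a Looker Studio job; out of scope for this check
        qcfg = cfg.get("queryConfig", {})
        query = qcfg.get("query", "")
        stype = qcfg.get("statementType") or (
            "DML" if DML_RE.search(query) else "SELECT"
        )
        principal = (entry.get("protoPayload", {})
                          .get("authenticationInfo", {})
                          .get("principalEmail"))
        ds = labels.get("looker_studio_datasource_id")
        rpt = labels.get("looker_studio_report_id")
        base = {"job": job.get("jobName"), "principal": principal,
                "datasource": ds, "report": rpt}
        if stype not in READ_ONLY:
            findings.append({**base, "reason": "non_select_statement",
                             "statement_type": stype})
        if ds in known_reports and rpt not in known_reports[ds]:
            findings.append({**base, "reason": "unknown_report_for_datasource"})
    return findings


def _entry(job_id, labels, query, statement_type=None):
    """Build a constructed audit log entry in the assumed shape."""
    qcfg = {"query": query}
    if statement_type:
        qcfg["statementType"] = statement_type
    return {"protoPayload": {
        "authenticationInfo": {"principalEmail": "owner@example.com"},
        "metadata": {"jobChange": {"job": {
            "jobName": f"projects/example-proj/jobs/{job_id}",
            "jobConfig": {"labels": labels, "queryConfig": qcfg}}}}}}


LS = {"requestor": "looker_studio", "looker_studio_datasource_id": "ds-A"}
KNOWN_REPORTS = {"ds-A": {"rpt-1"}}  # the one report we built on ds-A
SAMPLE_LOG = [  # constructed entries
    _entry("job_1", {**LS, "looker_studio_report_id": "rpt-1"},
           "SELECT region, SUM(amount) FROM `example-proj.sales.orders` GROUP BY 1",
           "SELECT"),
    # cloned report, owner's credentials, destructive SQL, no statementType
    _entry("job_2", {**LS, "looker_studio_report_id": "rpt-9"},
           "DELETE FROM `example-proj.sales.orders` WHERE TRUE"),
    # cloned report quietly reading the whole table
    _entry("job_3", {**LS, "looker_studio_report_id": "rpt-9"},
           "SELECT * FROM `example-proj.sales.orders`", "SELECT"),
    # an unrelated DELETE not routed through Looker Studio: ignored here
    _entry("job_4", {}, "DELETE FROM `example-proj.tmp.scratch` WHERE TRUE",
           "DELETE"),
]

if __name__ == "__main__":
    print(json.dumps(analyze(SAMPLE_LOG, KNOWN_REPORTS), indent=2))
```

Run it against a Cloud Logging export filtered to `resource.type="bigquery_project"`; the value of the second check is that it does not depend on the principal, which the cloned-report flaw leaves looking entirely legitimate.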
Another high-impact attack vector described by Tenable involved one-click data exfiltration. In this scenario, a victim could be tricked into opening a specially crafted, malicious Looker Studio report. This action would force the victim's browser to silently execute requests, siphoning data from the victim's own connected data sources directly to an attacker-controlled server. The combination of these vulnerabilities presented a severe risk, undermining trust in multi-tenant cloud analytics services. This disclosure underscores the critical importance of rigorous security reviews for features that handle credentials and cross-service permissions in complex, integrated cloud ecosystems.