Critical Google Looker Flaws Let Attackers Access Multiple Companies' Data

Researchers find critical vulnerabilities in Google Looker, risking data breaches; urgent manual updates needed for on-premises users.

By Content Team

Feb 6, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Researchers discovered two serious vulnerabilities in Google Looker, a business intelligence platform used by over 60,000 companies including Walmart and Coinbase. The first bug allows SQL injection attacks to steal internal database secrets through error messages. The second, more dangerous flaw enables remote code execution by manipulating Git hooks through a complex exploit chain involving path traversal and race conditions.

On Google Cloud Platform, attackers could potentially access other customers' data due to shared infrastructure. Google has patched both issues, but organizations using on-premises deployments must manually update. The fixes require significant downtime and testing, which may delay critical updates for this central data hub.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Compromise Popular JavaScript Library Axios, Potentially Affecting 600,000 Downloads

Mar 31, 2026

AI-Powered 'Truman Show' Scam Creates Fake Investment Reality for Victims

Jan 9, 2026

Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrested

Jan 10, 2026

AI-Powered Scams Set to Overtake Ransomware as Top Cyber Threat in 2026

Jan 23, 2026