Researchers at Tenable disclosed two critical vulnerabilities, collectively called “LookOut”, that can enable remote code execution and the theft of Looker’s internal management database, risking full system takeover and exposure of sensitive corporate data. Organizations running self-hosted Looker must apply patches immediately, while Google has secured its managed cloud.
Key points
- Tenable disclosed the “LookOut” vulnerabilities affecting Google Looker.
- A remote code execution chain can grant full control of a Looker server, enabling data theft and lateral movement.
- A second flaw allows extraction of Looker’s internal management database, exposing credentials and configuration secrets.
- Google secured its managed cloud, but self-hosted Looker instances require manual updates to specified safe versions.
- Administrators should check .git/hooks/ for unauthorized scripts and review logs for unusual SQL errors or internal connection abuse.
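
One way to run the `.git/hooks/` check from the last point across every repository on a host. This is an added example, not code from Tenable or Google; the root directory is an assumption (the page does not say where a Looker host keeps its project repositories), and the `core.hooksPath` check goes one step beyond the page's advice.

```sh
#!/bin/sh
# Added example: list active (non-sample) Git hooks under a directory tree.
# The root directory argument is an assumption; pass whatever path holds the
# project repositories on your self-hosted instance.

sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Prints one tab-separated line per finding:
#   HOOK-EXEC    <sha256>  <path>    executable hook, Git will run it
#   HOOK-NOEXEC  <sha256>  <path>    present but not executable (dormant)
#   HOOKSPATH    -         <config>  core.hooksPath redirects hook lookup
audit_git_hooks() {
  find "$1" -type d -path '*/.git/hooks' 2>/dev/null | sort |
  while IFS= read -r hooks; do
    gitdir=${hooks%/hooks}
    # The default `git init` template ships only *.sample files here, so
    # anything else was placed deliberately and needs an owner.
    find "$hooks" -mindepth 1 -maxdepth 1 ! -name '*.sample' \
         \( -type f -o -type l \) | sort |
    while IFS= read -r f; do
      if [ -x "$f" ]; then state=HOOK-EXEC; else state=HOOK-NOEXEC; fi
      printf '%s\t%s\t%s\n' "$state" "$(sha256_of "$f")" "$f"
    done
    # core.hooksPath moves hook lookup out of .git/hooks entirely, so an
    # empty hooks directory proves nothing when this key is set.
    if grep -qi 'hookspath' "$gitdir/config" 2>/dev/null; then
      printf 'HOOKSPATH\t-\t%s\n' "$gitdir/config"
    fi
  done
}

# Run directly as: sh audit_hooks.sh /path/to/repositories
if [ "$#" -ge 1 ]; then
  audit_git_hooks "$1"
fi
```

Compare the reported hashes against hooks you knowingly deployed; any `HOOK-EXEC` line nobody can account for is the finding to escalate.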
Read More: https://www.helpnetsecurity.com/2026/02/04/google-looker-vulnerabilities-cve-2025-12743/