CVE-2025-12472 – Remote Code Execution in Looker due to Improperly Validated Directory Deletion

CVE ID : CVE-2025-12472

Published : Nov. 19, 2025, 10:27 a.m. | 37 minutes ago

Description : An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.

Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.

Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.103+
* 24.18.195+
* 25.0.72+
* 25.6.60+
* 25.8.42+
* 25.10.22+

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-12472 – Remote Code Execution in Looker due to Improperly Validated Directory Deletion

تکمیل ظرفیت سرور لهستان

سرور مناسب برای ترید و ارز دیجیتال

دیتاسنتر جدید در لهستان

سرور های جدید از اسپانیا

AMD EPYC & Ryzen از کشور انگلستان

آفر های جدید AMD EPYC و AMD Ryzen

آفر سرور اختصاصی از آمریکا

افزایش قیمت دامنه های ir از ۳۱ خرداد

افزایش قیمت جهانی دامنه .com

آفر های جدید سرور اختصاصی مرداد 1403

ManageEngine ServiceDesk Plus

قوانین جدید ثبت دامنه

پرداخت هزینه سرویس ها

افزایش قیمت ثبت دامنه

مشکلات شبکه و هارد بر روی نود 3

افزایش قیمت جهانی دامنه

نوشته های مشابه

CVE-2025-39665 – Livestatus Injection in dynmaps

CVE-2025-13947 – Webkit: webkitgtk: remote user-assisted information disclosure via file drag-and-drop

CVE-2025-29864 – ALZip SmartScreen Bypass Vulnerability

CVE-2025-13472 – Missing authorization in BlazeMeter Jenkins Plugin