CVE-2025-9118: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Google Cloud Dataform
A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file.
AI Analysis
Technical Summary
CVE-2025-9118 is a critical path traversal vulnerability (CWE-22, Improper Limitation of a Pathname to a Restricted Directory) in Google Cloud Dataform, specifically in the process that installs the NPM packages a repository declares. A maliciously crafted package.json causes that installer to read and write files outside the intended repository boundary, including files belonging to other customers' repositories hosted on the same platform. The record does not describe the exact mechanism; the classic CWE-22 failure in a package installer is to build a filesystem path from package.json content that the repository owner controls (a dependency name or a file: path specifier) and join it to the install directory without checking that the resolved path still lies inside that directory, so that ".." segments or an absolute path escape the intended root.
According to the CVSS vector (AV:N/AC:L/PR:N/UI:N), the flaw is exploitable over the network with low complexity and requires neither privileges on the target nor any action by the victim. Confidentiality and integrity impact are rated high: an attacker can exfiltrate repository contents and inject code into other tenants' repositories. No direct availability impact is recorded, although overwriting or corrupting critical files would affect availability indirectly. The record identifies the affected Dataform builds by date, August 7, 2025, and was published on August 25, 2025. No exploitation in the wild was known at publication, but the CVSS 4.0 score of 10 reflects the severity. No patch information was listed at the time of reporting; because Dataform is a fully managed service, remediation is deployed by Google on the service side rather than by customers, who should confirm the fix status through Google Cloud advisories. In a multi-tenant service, a traversal that crosses repository boundaries is a direct failure of tenant isolation.
Potential Impact
For European organizations using Google Cloud Dataform, the vulnerability is a severe risk to data confidentiality and integrity. Organizations handling regulated data (financial, healthcare, or personal data under GDPR) could face unauthorized disclosure or tampering, with the resulting compliance exposure, reputational damage and financial penalties. An attacker able to read or modify other customers' repositories breaks the isolation that cloud multi-tenancy depends on, exposing proprietary SQLX and JavaScript code, intellectual property and configuration files. Because a Dataform repository defines the transformations that run in BigQuery, code injected into it becomes a supply-chain compromise of every pipeline that repository drives. With no authentication required according to the CVSS vector, the flaw can be exploited at scale across tenants, so the potential impact spans European enterprises relying on Dataform for data engineering and analytics workflows.
Mitigation Recommendations
1. Monitoring and access control: watch Cloud Audit Logs for Dataform and the commit history of any connected remote Git repository for unexpected changes to package.json or to other repository files, and review who holds Dataform editor or admin roles.
2. Restrict usage: keep the dependencies declared in each repository's package.json to the minimum required and pin their versions until Google confirms a service-side fix. Note that this only limits what your own repositories pull in; it does not stop the service from processing another tenant's crafted package.json.
3. Segmentation and isolation: use VPC Service Controls, where your organization already relies on them, and least-privilege IAM on the Dataform API so that only trusted principals and networks can reach your repositories. This reduces blast radius but cannot block a traversal that occurs inside the service's own installer.
4. Validate package.json files: before a commit reaches Dataform, reject dependency names that contain path separators, ".." or other characters npm does not permit, and reject file: or link: specifiers that resolve outside the repository. Treat this as hygiene for your own repositories rather than as protection against another tenant's file.
5. Engage with Google Cloud support: follow Google Cloud advisories for the remediation status and any workaround, and apply guidance promptly.
6. Backup and recovery: keep repositories connected to a remote Git repository so that history survives tampering, and maintain backups that allow known-good contents to be restored after an unauthorized modification.
7. Incident response readiness: prepare a response plan for this vulnerability, including the ability to diff repository contents against the last trusted commit and to analyse audit logs for exploitation attempts.
None of these customer-side measures closes the flaw itself; only a service-side fix does, so confirming Google's remediation status is the first priority.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Ireland, Belgium, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: GoogleCloud
- Date Reserved: 2025-08-18T15:08:00.732Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68ac0e13ad5a09ad00496a88
Added to database: 8/25/2025, 7:17:39 AM
Last enriched: 8/25/2025, 7:32:48 AM
Last updated: 8/26/2025, 12:38:39 AM
Related Threats
- CVE-2025-9440: Cross Site Scripting in 1000projects Online Project Report Submission and Evaluation System (Medium)
- CVE-2025-9439: Cross Site Scripting in 1000projects Online Project Report Submission and Evaluation System (Medium)
- CVE-2025-9438: Cross Site Scripting in 1000projects Online Project Report Submission and Evaluation System (Medium)
- CVE-2025-8447: CWE-639 Authorization Bypass Through User-Controlled Key in GitHub Enterprise Server (High)
- CVE-2025-9434: Cross Site Scripting in 1000projects Online Project Report Submission and Evaluation System (Medium)