Skip to main content

Mcp Salesforce Connector

1 CVEs product

Monthly

CVE-2026-25650 PyPI HIGH PATCH This Week

Unauthenticated attackers can exploit arbitrary attribute access in MCP Salesforce Connector versions prior to 0.1.10 to extract sensitive Salesforce authentication tokens. This vulnerability requires only network access with no user interaction, enabling complete disclosure of credentials used for Salesforce API integration. Organizations using affected versions should upgrade to 0.1.10 immediately.

Information Disclosure AI / ML Mcp Salesforce Connector
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unauthenticated attackers can exploit arbitrary attribute access in MCP Salesforce Connector versions prior to 0.1.10 to extract sensitive Salesforce authentication tokens. This vulnerability requires only network access with no user interaction, enabling complete disclosure of credentials used for Salesforce API integration. Organizations using affected versions should upgrade to 0.1.10 immediately.

Information Disclosure AI / ML Mcp Salesforce Connector
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy