Mcp Salesforce Connector

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-25650 HIGH PATCH This Week

Unauthenticated attackers can exploit arbitrary attribute access in MCP Salesforce Connector versions prior to 0.1.10 to extract sensitive Salesforce authentication tokens. This vulnerability requires only network access with no user interaction, enabling complete disclosure of credentials used for Salesforce API integration. Organizations using affected versions should upgrade to 0.1.10 immediately.

Information Disclosure AI / ML Mcp Salesforce Connector

NVD GitHub

CVSS 3.1

7.5

EPSS

0.0%

CVE-2026-25650

EPSS 0% CVSS 7.5

HIGH PATCH This Week

Unauthenticated attackers can exploit arbitrary attribute access in MCP Salesforce Connector versions prior to 0.1.10 to extract sensitive Salesforce authentication tokens. This vulnerability requires only network access with no user interaction, enabling complete disclosure of credentials used for Salesforce API integration. Organizations using affected versions should upgrade to 0.1.10 immediately.

Information Disclosure AI / ML Mcp Salesforce Connector

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy