CVE-2025-64318

Medium CVSS: 5.3

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1.

Vendor

Salesforce

Product

Mulesoft Anypoint Code Builder

CWE

CWE-94

Yayın Tarihi

2025-11-04 19:17:11

Güncelleme

2026-02-04 20:02:03

Source Identifier

security@salesforce.com

KEV Date Added

Kategoriler

CWE-94 Mulesoft Anypoint Code Builder MEDIUM Salesforce 2025

Referanslar

https://help.salesforce.com/s/articleView?id=005228032&type=1

Benzer Kayıtlar

Critical

CVE-2026-22583

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing…

Critical

CVE-2026-22585

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, For…

Critical

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Pr…

Critical

CVE-2026-22582

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing…

Critical

CVE-2026-22584

Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux al…

Medium

CVE-2025-64319

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint Code Builder allows…