CVE-2026-22584

Critical CVSS: 9.8

Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0.

Vendor

Salesforce

Product

Uni2ts

CWE

CWE-94

Yayın Tarihi

2026-01-09 22:16:01

Güncelleme

2026-01-22 21:48:05

Source Identifier

security@salesforce.com

KEV Date Added

Kategoriler

CWE-94 Uni2ts CRITICAL Salesforce 2026

Referanslar

https://help.salesforce.com/s/articleView?id=005239354&type=1

Benzer Kayıtlar

Critical

CVE-2026-22583

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing…

Critical

CVE-2026-22585

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, For…

Critical

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Pr…

Critical

CVE-2026-22582

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing…

Medium

CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allow…

Medium

CVE-2025-64319

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint Code Builder allows…