← back
CVE-2025-26496

CVE-2025-26496

CVSS 9.3 CRITICALEPSS 0.2%CWE-843
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Salesforce · Tableau Server, Tableau Desktop

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://help.salesforce.com/s/articleView?id=005132575&type=1https://www.cve.org/CVERecord?id=CVE-2022-1364