ГлавнаяУязвимости → CVE-2026-25650
7.5высокая

CVE-2026-25650

Описание

MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce integration. Prior to 0.1.10, arbitrary attribute access leads to disclosure of Salesforce auth token. This vulnerability is fixed in 0.1.10.

Затрагиваемое ПО
Smn2gnt Mcp salesforce connector
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/smn2gnt/MCP-Salesforce/commit/a1e3a5a786f48508d066b6d40b58201ebf9b7fd6https://github.com/smn2gnt/MCP-Salesforce/releases/tag/v0.1.10https://github.com/smn2gnt/MCP-Salesforce/security/advisories/GHSA-vf6j-c56p-cq58