CVE-2025-26496

🗓️ 22 Aug 2025 20:10:41Reported by SalesforceType

CVE-2025-26496 Type Confusion in Tableau File Upload enables Local Code Inclusion on Windows Linux.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2025-26496	22 Aug 202520:32	–	circl
CNNVD	Salesforce Tableau Server和Salesforce Tableau Desktop 安全漏洞	22 Aug 202500:00	–	cnnvd
CVE	CVE-2025-26496	22 Aug 202520:10	–	cve
EUVD	EUVD-2025-25627	3 Oct 202520:07	–	euvd
NVD	CVE-2025-26496	22 Aug 202521:15	–	nvd
OSV	CVE-2025-26496	22 Aug 202521:15	–	osv
Positive Technologies	PT-2025-34490 · Salesforce · Tableau Desktop +1	22 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-26496	24 Aug 202520:11	–	redhatcve
SUSE CVE	SUSE CVE-2025-26496	25 Aug 202523:31	–	susecve
Tenable Nessus	Tableau Server 2023.3.x < 2023.3.19 / 2024.2.x < 2024.2.12 / 2025.1.x < 2025.1.3 Multiple Vulnerabilities (005105043)	30 Jul 202500:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "File Upload"
    ],
    "platforms": [
      "Windows",
      "Linux"
    ],
    "product": "Tableau Server, Tableau Desktop",
    "vendor": "Salesforce",
    "versions": [
      {
        "lessThan": "2025.1.3",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "2024.2.12",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "2023.3.19",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
cve	www.cve.org/CVERecord
help	www.help.salesforce.com/s/articleView

22 Aug 2025 20:14Current

EPSS0.00208

CWE-843