CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

NVD•added 2026/02/06 7:16 p.m.•2 views

CVE-2026-25650

MCP Salesforce Connector is a Model Context Protocol MCP server implementation for Salesforce integration. Prior to 0.1.10, arbitrary attribute access leads to disclosure of Salesforce auth token. This vulnerability is fixed in 0.1.10...

8.7CVSS0.00016EPSS

Exploits0References3

CVE•added 2026/02/06 6:53 p.m.•4 views

CVE-2026-25650

CVE-2026-25650 concerns MCP Salesforce Connector (Model Context Protocol) prior to version 0.1.10. An arbitrary attribute access flaw allows disclosure of Salesforce OAuth bearer tokens used by MCP-Salesforce. Multiple sources (Red Hat, NVD, CVE lists, advisories) confirm the issue and that it is...

8.7CVSS5.5AI score0.00016EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/06 6:53 p.m.•1 views

CVE-2026-25650 MCP Salesforce Connector has arbitrary attribute access which leads to disclosure of Salesforce auth token

8.7CVSS5.7AI score0.00016EPSS

Exploits0References3

Cvelist•added 2026/02/06 6:53 p.m.•21 views

CVE-2026-25650 MCP Salesforce Connector has arbitrary attribute access which leads to disclosure of Salesforce auth token

8.7CVSS0.00016EPSS

Exploits0References3

OSV•added 2026/02/06 6:53 p.m.•1 views

CVE-2026-25650 MCP Salesforce Connector has arbitrary attribute access which leads to disclosure of Salesforce auth token

8.7CVSS5.5AI score0.00016EPSS

Exploits0References5

Snyk•added 2026/02/06 6:52 p.m.•2 views

Information Exposure

Overview mcp-salesforce-connector is an A Model Context Protocol MCP server implementation for Salesforce integration Affected versions of this package are vulnerable to Information Exposure due to arbitrary attribute access. An attacker can obtain sensitive bearer tokens by accessing arbitrary...

8.7CVSS5.8AI score0.00016EPSS

Exploits0References2

CNNVD•added 2026/02/06 12:0 a.m.•2 views

MCP Salesforce Connector 信息泄露漏洞

The MCP Salesforce Connector is a context-based protocol server developed by Suman’s individual developers. Versions of the MCP Salesforce Connector prior to 0.1.10 contained an information leakage vulnerability. This vulnerability stemmed from the possibility of arbitrary attribute access leadin...

8.7CVSS5.9AI score0.00016EPSS

Exploits0References3

Positive Technologies•added 2026/02/06 12:0 a.m.•1 views

PT-2026-6777

Name of the Vulnerable Software and Affected Versions MCP Salesforce Connector versions prior to 0.1.10 Description The software is a Model Context Protocol MCP server implementation for Salesforce integration. A flaw exists where arbitrary attribute access can lead to the disclosure of Salesforc...

8.7CVSS5.7AI score0.00016EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by