Security Advisories
Date
Type
Subject
Description
Products
October 2, 2025
Security Update
We are aware of recent extortion attempts by threat actors, which we have investigated in partnership with external experts and authorities. Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support.
—
August 28, 2025
Security Advisory
Salesforce has disabled all integrations between Salesforce and Salesloft technologies, including the Drift app, as a precautionary measure. Organizations will not be able to connect to Salesforce via any Salesloft apps until further notice.
—
August 27, 2025
Security Advisory
Salesforce has disabled the connection between the Drift app by Salesloft and Salesforce after identifying a security incident. This issue did not stem from a vulnerability within the core Salesforce platform.
—
August 25, 2025
Security Advisory
To enhance security against prompt injection risks in Agentforce and Einstein Generative AI, Salesforce is changing the “isConfirmationRequired” setting for “AddCaseComment”, “CancelOrder”, “CreateCase”, “CreateCaseEnhancedData”, “FinalizeNewDeliveryTime”, “FinalizeReservation”, “ResetPassword”, and “ResetSecurePassword” actions, ensuring Human-in-the-loop (HITL) confirmation before actioning.
We are applying this proactive security measure to all Agentforce Standard actions to help reduce the risk of prompt injections. As a result, Service Agents will more frequently ask you to confirm an action before it is executed. We recommend customers configure their custom actions to require confirmation before completing any sensitive actions.
Agentforce
August 22, 2025
Vulnerability
Salesforce Security identified and resolved multiple vulnerabilities in Tableau Server as part of a proactive security assessment. Fixes for these issues were included in the July Maintenance Release, published on July 22, 2025. The CVE's are listed below.
CVE-2025-26496
CVE-2025-26497
CVE-2025-26498
CVE-2025-52450
CVE-2025-52451
Tableau
August 14, 2025
Security Advisory
To enhance security against prompt injection risks in Agentforce and Einstein Generative AI, Salesforce is changing the “isConfirmationRequired” setting for “UpdateCustomerContact” and “UpdateVerifiedContact” actions, ensuring Human-in-the-loop (HITL) confirmation before updates. This proactive measure, part of our ongoing commitment to Trust, aims to reduce the likelihood and impact of prompt injection attacks.
Agentforce
August 7, 2025
Security Advisory
Security Advisory: As social engineering and phishing threats continue to rise, our top priority is to help customers strengthen their security posture. We encourage all customers to review our blog post on the topic, which gathers some of the key resources to protect your environment against these types of attacks.
Experience Cloud, Hyperforce, Sales Cloud, Salesforce Platform, Service Cloud
July 25, 2025
Vulnerability
On June 26, 2025, an email was sent to all active Tableau Server accounts' portal administrators and security contacts regarding various vulnerabilities addressed in the June Maintenance Release, published on June 26, 2025.
This issue affects Tableau Server versions: before 2025.1.3, before 2024.2.12, before 2023.3.19.
The CVE's are listed below:
CVE-2025-52446
CVE-2025-52447
CVE-2025-52448
CVE-2025-52449
CVE-2025-52452
CVE-2025-52453
CVE-2025-52454
CVE-2025-52455
Tableau
June 16, 2025
Security Update
Salesforce is aware of recent media reports regarding a security issue involving the Aura Controller. We take these matters seriously and conduct ongoing system scans to proactively identify and address potential vulnerabilities. Protecting our customers and their data is our top priority.
Based on currently available information, we have not identified any evidence of exploitation related to this issue. Salesforce has already implemented a fix, and no customer action is required at this time.
Customers with additional questions are encouraged to contact Salesforce Support.
—
June 10, 2025
Vulnerability
Salesforce is aware of the media reports of the security vulnerabilities affecting Omnistudio, CVEs 2025-43698, 2025-43700, 2025-43701, 2025-43699 and 2025-43697, which impact the Flexcard and Data Mapper components of Omnistudio.
Salesforce Platform
April 8, 2025
Security Update
Effective March 4, 2025 for Starter and ProSuite, March 5, 2025 for Service Enterprise Edition and Unlimited Edition, and March 20, 2025 for Sales Enterprise and Unlimited, the email functionality will be disabled for Trial Orgs provisioned through the Salesforce website during the standard 30 day evaluation period.
Salesforce Platform
February 6, 2025
Security
User accounts without multi-factor authentication (MFA), IP restrictions, and/or that use weak credentials are at risk of being compromised by bad actors. See the Help article attached for an overview on how you can use customizable settings or implement Shield Event Monitoring to protect your user accounts.
Commerce Cloud, Experience Cloud, Heroku, Marketing Cloud, MuleSoft, Sales Cloud, Service Cloud, Tableau
January 23, 2025
Security Enhancements
Salesforce strongly recommends that customers transition from RSA key exchanges to TLS 1.3 to enhance the security and efficiency of network communications.
Experience Cloud, Sales Cloud, Service Cloud
January 7, 2025
Tableau Security Advisory
Tableau allows for row-level access controls to be implemented to database fields via a filter feature that designates whether a particular value is included or excluded in a query. As a result of a broken access control, in impacted versions, workbook fields with the filter compression feature enabled are exposed in data visualizations if new values are added to the fields after they were originally filtered. Tableau has disabled the filter compression feature by default in Tableau Cloud and Server for the November Maintenance release.
Tableau
November 21, 2024
Tableau Security Advisory
Salesforce Security addressed a security issue impacting Tableau Cloud and Server workbooks in the August Maintenance release. We strongly encourage Tableau Server customers to apply the update associated with the major release, which can be downloaded from the Tableau Server Maintenance Release page. Cloud customers do not need to take action as a patch was applied to Cloud instances on August 9, 2024.
Tableau
October 18, 2024
Security Notification
To enhance the security functionality and help prevent abuse of free trial orgs, on October 8, 2024, we temporarily disabled user-initiated email functionality for Core CRM Product Trials – this does not include Active customers or other Salesforce products.
Salesforce Platform
October 4, 2024
Vulnerability
Salesforce Security discovered a vulnerability affecting the email notification functionality of Tableau's Flow Editor feature. As a result of this issue, an authenticated user could execute arbitrary commands on customers’ instances of Tableau Server. We assigned the CVSSv3 score as 9.1.
Tableau
April 1, 2024
Vulnerability
On November 2, 2023, Salesforce Security was notified of CVE-2023-46604, a remote code execution (RCE) vulnerability impacting Apache ActiveMQ clients.
Tableau
March 1, 2024
Vulnerability
On May 11, 2023, a Local File Inclusion (LFI) security vulnerability was reported via our Advanced Server Access (ASA) Program.
Tableau
February 2, 2024
Vulnerability
Salesforce is actively investigating CVE-2023-46604 for potential impact and implementing mitigations where necessary. Salesforce will continue to follow its vulnerability management process, and should we discover evidence of unauthorized access to customer data, will notify impacted parties without undue delay.
—
