CVE-2025-10875 | THREATINT

Description

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Code Injection.This issue affects Mulesoft Anypoint Code Builder: before 1.11.6.

PUBLISHED Reserved 2025-09-23 | Published 2025-11-04 | Updated 2025-11-05 | Assigner Salesforce

Problem types

CWE-1427 Improper Neutralization of Input Used for LLM Prompting

Product status

Default status

unaffected

Any version before 1.11.6

affected

References

help.salesforce.com/s/articleView?id=005228032&type=1

cve.org (CVE-2025-10875)

nvd.nist.gov (CVE-2025-10875)

Download JSON