CVE-2025-26496 | THREATINT

Description

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.

PUBLISHED Reserved 2025-02-11 | Published 2025-08-22 | Updated 2025-08-26 | Assigner Salesforce

Problem types

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

Product status

Default status

unaffected

Any version before 2025.1.3

affected

Any version before 2024.2.12

affected

Any version before 2023.3.19

affected

References

help.salesforce.com/s/articleView?id=005132575&type=1

www.cve.org/CVERecord?id=CVE-2022-1364

cve.org (CVE-2025-26496)

nvd.nist.gov (CVE-2025-26496)

Download JSON