CVE-2025-64322

Description

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0.

PUBLISHED Reserved 2025-10-30 | Published 2025-11-04 | Updated 2025-11-11 | Assigner Salesforce

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

References

help.salesforce.com/s/articleView?id=005228032&type=1

cve.org (CVE-2025-64322)

nvd.nist.gov (CVE-2025-64322)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.