Home

Description

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.2.0.

PUBLISHED Reserved 2025-10-30 | Published 2025-11-04 | Updated 2025-11-05 | Assigner Salesforce

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status
unaffected

Any version before 3.2.0
affected

References

help.salesforce.com/s/articleView?id=005228032&type=1

cve.org (CVE-2025-64322)

nvd.nist.gov (CVE-2025-64322)

Download JSON