CVE Alert

CVE-2025-9844

Severity: HIGH
CVSS Score: 8.8
EPSS Score: 0.0%
EPSS Percentile: 0th

Uncontrolled Search Path Element vulnerability in Salesforce Salesforce CLI on Windows allows Replace Trusted Executable. This issue affects Salesforce CLI: before 2.106.6.

CWE: CWE-427
Vendor: salesforce
Product: salesforce cli
Industries: Enterprise
Published: Sep 23, 2025
Last Updated: Feb 26, 2026

Affected Versions

Salesforce / Salesforce CLI: versions from 0 up to, but not including, 2.106.6

References

NVD, CVE.org, EPSS Data
help.salesforce.com: https://help.salesforce.com/s/articleView?id=005224301&type=1

Credits

crispr xiang