Unrated severityNVD Advisory· Published Aug 22, 2025· Updated Feb 26, 2026

CVE-2025-26496

Description

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.

Affected products

Tableausoftware/Tableau Serverllm-fuzzy
Range: before 2025.1.3, before 2024.2.12, before 2023.3.19
Schneider Electric/Tableau Desktopllm-fuzzy
Range: before 2025.1.3, before 2024.2.12, before 2023.3.19
Salesforce/Tableau Server, Tableau Desktopv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

help.salesforce.com/s/articleViewmitre
www.cve.org/CVERecordmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000