Critical severity9.3NVD Advisory· Published Aug 22, 2025· Updated Jun 17, 2026
CVE-2025-26496
CVE-2025-26496
Description
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Affected products
3- Range: <2025.1.3, <2024.2.12, <2023.3.19
- Range: <2025.1.3, <2024.2.12, <2023.3.19
- Salesforce/Tableau Server, Tableau Desktopv5Range: 0
Patches
Vulnerability mechanics
References
2- help.salesforce.com/s/articleViewnvdVendor Advisory
- www.cve.org/CVERecordnvdTechnical Description
News mentions
0No linked articles in our index yet.