High severity · NVD Advisory · Published Feb 6, 2026 · Updated Feb 9, 2026
MCP Salesforce Connector has arbitrary attribute access which leads to disclosure of Salesforce auth token
CVE-2026-25650
Description
MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce integration. Prior to 0.1.10, arbitrary attribute access leads to disclosure of Salesforce auth token. This vulnerability is fixed in 0.1.10.
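The pattern behind this advisory, as an added example that is not code from the project: a caller-supplied name passed to `getattr` reaches ordinary attributes as well as object handles, and a resolver that checks the type after resolution stops that. `Client`, `ObjectHandle` and the `auth_token` attribute are stand-ins constructed here, with `ObjectHandle` playing the role `SFType` has in the patch.

```python
# Stand-in classes constructed for this example; they are not simple_salesforce.
class ObjectHandle:
    """Plays the role SFType has in the patch: a handle for one object type."""
    def __init__(self, name):
        self.name = name

    def get(self, record_id):
        return {"object": self.name, "Id": record_id}


class Client:
    """Plays the role of the API client: ordinary attributes plus dynamic handles."""
    def __init__(self, token):
        self.auth_token = token  # constructed name for a credential field

    def __getattr__(self, name):
        # Runs only when normal lookup fails, so real attributes take precedence.
        if name.startswith("_"):
            raise AttributeError(name)
        return ObjectHandle(name)


def resolve_unchecked(client, object_name):
    """Pre-fix shape: whatever the caller-supplied name resolves to is used."""
    return getattr(client, object_name)


def resolve_checked(client, object_name):
    """Hardened shape: resolve first, then accept only an object handle."""
    if not isinstance(object_name, str) or object_name.startswith("_"):
        raise ValueError(f"Invalid object name: {object_name!r}")
    sf_object = getattr(client, object_name)
    if not isinstance(sf_object, ObjectHandle):
        # Echo only the requested name, never the value it resolved to.
        raise ValueError(f"Invalid object name: {object_name!r}")
    return sf_object


def get_record(client, object_name, record_id):
    """Tool-handler shape: only a validated handle ever reaches .get()."""
    return resolve_checked(client, object_name).get(record_id)
```

The type test has to run on the resolved value, after the `getattr` call, because the name alone does not say whether it maps to a handle or to a field of the client.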
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| mcp-salesforce-connector (PyPI) | < 0.1.10 | 0.1.10 |
Affected products
- Range: < 0.1.10
Patches
2 files changed · +4 −1
pyproject.toml+1 −1 modified@@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "mcp-salesforce-connector" -version = "0.1.9" +version = "0.1.10" description = "A Model Context Protocol (MCP) server implementation for Salesforce integration" readme = "README.md" requires-python = ">=3.11"
src/salesforce/server.py+3 −0 modified@@ -13,6 +13,7 @@ from simple_salesforce import Salesforce from simple_salesforce.exceptions import SalesforceError +from simple_salesforce import SFType import mcp.types as types from mcp.server import Server, NotificationOptions @@ -358,6 +359,8 @@ async def handle_call_tool(name: str, arguments: dict[str, str]) -> list[types.T raise ValueError("Missing 'object_name' or 'record_id' argument") if not sf_client.sf: raise ValueError("Salesforce connection not established.") + if not isinstance(sf_object, SFType): + raise ValueError(f"Invalid Salesforce object name: {object_name}") sf_object = getattr(sf_client.sf, object_name) results = sf_object.get(record_id) return [
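Review bot: In the second `src/salesforce/server.py` hunk, the added `isinstance(sf_object, SFType)` check sits above `sf_object = getattr(sf_client.sf, object_name)`, so as shown it tests `sf_object` before this branch has assigned it from `object_name`, and the value that reaches `sf_object.get(record_id)` is never checked. Move the two added lines to just after the `getattr` line so the type test applies to the attribute the caller's `object_name` actually resolved to. A test that passes a name resolving to a non-`SFType` attribute and expects the `ValueError` would pin the ordering down.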
References
- github.com/advisories/GHSA-vf6j-c56p-cq58 [ghsa, ADVISORY]
- nvd.nist.gov/vuln/detail/CVE-2026-25650 [ghsa, ADVISORY]
- github.com/smn2gnt/MCP-Salesforce/commit/a1e3a5a786f48508d066b6d40b58201ebf9b7fd6 [ghsa, x_refsource_MISC, WEB]
- github.com/smn2gnt/MCP-Salesforce/releases/tag/v0.1.10 [ghsa, x_refsource_MISC, WEB]
- github.com/smn2gnt/MCP-Salesforce/security/advisories/GHSA-vf6j-c56p-cq58 [ghsa, x_refsource_CONFIRM, WEB]