Critical severity9.8NVD Advisory· Published Apr 6, 2026· Updated Apr 16, 2026
CVE-2026-35178
CVE-2026-35178
Description
Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an unsafe manner. This vulnerability is fixed in 65.0.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <65.0.0
Patches
Vulnerability mechanics
References
2- github.com/forceworkbench/forceworkbench/pull/869nvdIssue TrackingVendor Advisory
- github.com/forceworkbench/forceworkbench/security/advisories/GHSA-jw63-m86r-2jxcnvdVendor Advisory
News mentions
0No linked articles in our index yet.