← Back to CVEs
CVE-2026-35178
N/ADescription
Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an unsafe manner. This vulnerability is fixed in 65.0.0.
CVE Details
CVSS v3.1 ScoreN/A
Published4/6/2026
Last Modified4/6/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-94
References
https://github.com/forceworkbench/forceworkbench/pull/869(security-advisories@github.com)
https://github.com/forceworkbench/forceworkbench/security/advisories/GHSA-jw63-m86r-2jxc(security-advisories@github.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.