cvedb.io
CVE-2025-26496
CRITICAL · CVSS 9.3
EPSS exploitation probability: 0%
Published 2025-08-22T21:15:31.103 · Last modified 2026-06-17T09:01:55.013

Summary

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.

Affected products

tableau — tableau_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when tableau ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.