CVE-2025-64320

Name of the Vulnerable Software and Affected Versions Salesforce Agentforce Vibes Extension versions prior to 3.2.0

Description An issue exists in Salesforce Agentforce Vibes Extension related to improper neutralization of input used for LLM prompting, which can lead to code injection. The issue affects the Agentforce Vibes Extension. The vulnerability allows for code injection through manipulation of inputs used in prompts for Large Language Models (LLMs).

Recommendations Update Salesforce Agentforce Vibes Extension to version 3.2.0 or later.