CVE-2026-35178

Name of the Vulnerable Software and Affected Versions Workbench versions prior to 65.0.0

Description Workbench, a suite of tools for interacting with Salesforce.com organizations via the Force.com APIs, contains a remote code execution issue in the timezone conversion flow. The issue arises from unsafe processing of attacker-controlled cookie values. This affects administrators and developers using Workbench.

Recommendations Update Workbench to version 65.0.0 or later.