PT-2026-7725 · Unknown+1 · Sf-Mcp-Server+3

Akutishevsky

·

Published

2026-02-11

·

Updated

2026-02-13

·

CVE-2026-26029

CVSS v3.1

7.5

High

Vector

AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

sf-mcp-server (affected versions not specified)

Description

An OS command injection issue exists in sf-mcp-server, an implementation of a Salesforce MCP server for Claude for Desktop. The issue is caused by the unsafe use of Node.js child_process.exec to build Salesforce CLI command strings from input controlled by the user: because exec hands the whole string to a shell, shell metacharacters in that input (such as `;`, `|`, `&&`, backticks or `$(...)`) are interpreted as additional commands rather than passed to the CLI as data. Successful exploitation could allow attackers to execute arbitrary shell commands with the privileges of the MCP server process.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability. Until one is available, the general mitigation for this class of issue applies: do not build CLI invocations as a single string for a shell; pass each parameter as a separate argument through child_process.execFile or spawn (without the shell option), and validate user-supplied values such as org aliases against an allowlist before passing them on, since an argument array alone does not stop values beginning with `-` from being parsed as CLI flags.

Exploit

OS Command Injection


Weakness Enumeration

Related Identifiers

CVE-2026-26029
GHSA-H4W9-G9C5-VFWQ

Affected Products

Claude for Desktop
Salesforce CLI
Salesforce MCP Server
sf-mcp-server