CVE-2025-26494

CVE-2025-26494: Server Side Request Forgery vulnerability in Tableau Server

Vendor Salesforce

Product Tableau Server

Weakness CWE-918 · SSRF

Published February 11, 2025

Last update February 19, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows Authentication Bypass.This issue affects Tableau Server: from 2023.3 through 2023.3.5.

Key dates

02Disclosure timeline

February 11, 2025 CVE published

February 19, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-26494

Related vulnerabilities

04Related CVE

CVE-2026-29226 Apache OFBiz: Low-Privilege SSRF in Content Component CVE-2022-23071 Recipes - SSRF on Import CVE-2022-1191 SSRF on index.php/cobrowse/proxycss/ in livehelperchat/livehelperchat CVE-2024-30256 Open WebUI vulnerable to server-side request forgery in utils.py CVE-2025-47733 Microsoft Power Apps Information Disclosure Vulnerability