CVE-2025-64322

CVE-2025-64322

Vendor Salesforce
Product Agentforce Vibes Extension
Weakness CWE-732
Published November 4, 2025
Last update November 11, 2025

CVSS base score

What the vulnerability does

01Description

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0.

Key dates

02Disclosure timeline

November 4, 2025 CVE published
November 11, 2025 Record updated