What the vulnerability does

01Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0.

Key dates

02Disclosure timeline

January 9, 2026 CVE published
January 12, 2026 Record updated