Donate Telegram

CVE-2026-22586

NONE EPSS 0.02%

Jan 24, 2026

Updated Jan 24, 2026

Salesforce

Parameter	Value
Type	CWE-321
Vendor	Salesforce
Public PoC	No

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.

Weakness Type (CWE)

References 1

https://help.salesforce.com/s/articleView?id=005299346&type=1

security@salesforce.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-35178

Salesforce

CVE-2026-34951

Salesforce

CVE-2026-2298

Salesforce

CVE-2026-26029

Salesforce

CVE-2026-25650

Salesforce

CVE Details

CVE ID

CVE-2026-22586

Published Date

Jan 24, 2026

Vendor

Salesforce

Severity

NONE

Exploit Prediction (EPSS)

Probability of Exploit 0.02%

Likelihood of exploitation in next 30 days

Percentile: 5.9th percentile (higher than 5.9% of all CVEs)

Standard patching cycle

Impact

Minimal impact

Source

Editor's Choice