MidnightBSD

Advisories for smn2gnt

CVE-2026-25650

MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce integration. Prior to 0.1.10, arbitrary attribute access leads to disclosure of Salesforce auth token. This vulnerability is fixed in 0.1.10.

Products Affected

Vendor Product Version
smn2gnt mcp_salesforce_connector *