Salesforce has disclosed five critical security vulnerabilities in Tableau Server and Desktop that could allow attackers to execute arbitrary code and traverse file systems on compromised systems, potentially exposing sensitive enterprise data to cybercriminals.
The vulnerabilities, identified during a proactive security assessment by Salesforce's security team, affect multiple versions of the popular business intelligence platform used by thousands of organizations worldwide. The most severe flaw (CVE-2025-26496) carries a CVSS score of 9.6, indicating critical risk levels that demand immediate attention.
The discovered vulnerabilities span several attack categories, including type confusion errors that enable local code execution, unrestricted file uploads allowing dangerous file types, and path traversal flaws that let attackers access restricted directories. These weaknesses particularly target Tableau Server's file upload modules, Flow Editor, and connection establishment components.
"The combination of these vulnerabilities creates a perfect storm for attackers," explains the security advisory. The type confusion vulnerability (CVE-2025-26496) affects both server and desktop installations across Windows and Linux platforms, while path traversal flaws (CVE-2025-52450 and CVE-2025-52451) could allow attackers to access sensitive files outside intended directories through the tabdoc API.
Widespread Impact Across Enterprise Deployments
The vulnerabilities impact Tableau Server versions before 2025.1.4, 2024.2.13, and 2023.3.20, affecting potentially millions of business users who rely on Tableau for data visualization and analytics. Organizations using affected versions face risks of data breaches, system compromise, and unauthorized access to business-critical information.
Immediate Action Required
Salesforce released patches in their July 22, 2025, maintenance update and strongly urges all Tableau customers to upgrade immediately to the latest supported versions. The company emphasizes that no known exploits currently exist in the wild, but the critical nature of these flaws makes rapid patching essential.
System administrators should prioritize updating their Tableau installations and reviewing access logs for any suspicious file uploads or connection activities that might indicate compromise attempts.