CVE-2026-22584 PUBLISHED

Assigner: Salesforce
Reserved: 07.01.2026 Published: 09.01.2026 Updated: 12.01.2026

Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0.

Product Status

Vendor	Salesforce
Product	Uni2TS
Versions	Default: unaffected affected from 0 to 1.2.0 (incl.)

References

https://help.salesforce.com/s/articleView?id=005239354&type=1

Problem Types

CWE-94 Improper Control of Generation of Code ('Code Injection') CWE

Impacts

CAPEC-35 Leverage Executable Code in Non-Executable Files