Tableau Critical Vulnerability - 20250825003¶
Overview¶
Salesforce Security identified and resolved a flaw in Tableau Server and Tableau Desktop (File Upload modules) that could lead to Local Code Inclusion.
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| Tableau Server Tableau Desktop |
2025.x prior to 2025.1.3 2024.x prior to 2024.2.12 All versions prior to 2023.3.19 |
CVE-2025-26496 | 9.6 | Critical |
What has been observed?¶
The WA SOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):