Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

marketing_cloud_engagement

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

4
Related CVEsRelated VendorsRelated AssignersReports
4Vulnerabilities found
CVE-2026-22583
Assigner-Salesforce, Inc.
ShareView Details
Assigner-Salesforce, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 00:20
Updated-12 Feb, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (CloudPagesUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.

Action-Not Available
Vendor-salesforceSalesforce
Product-marketing_cloud_engagementMarketing Cloud Engagement
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2026-22582
Assigner-Salesforce, Inc.
ShareView Details
Assigner-Salesforce, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 00:19
Updated-12 Feb, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (MicrositeUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.

Action-Not Available
Vendor-salesforceSalesforce
Product-marketing_cloud_engagementMarketing Cloud Engagement
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2026-22586
Assigner-Salesforce, Inc.
ShareView Details
Assigner-Salesforce, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.02% / 4.23%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 00:17
Updated-12 Feb, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.

Action-Not Available
Vendor-salesforceSalesforce
Product-marketing_cloud_engagementMarketing Cloud Engagement
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2026-22585
Assigner-Salesforce, Inc.
ShareView Details
Assigner-Salesforce, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.01% / 1.82%
||
7 Day CHG~0.00%
Published-24 Jan, 2026 | 00:15
Updated-12 Feb, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.

Action-Not Available
Vendor-salesforceSalesforce
Product-marketing_cloud_engagementMarketing Cloud Engagement
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm