Salesforce Marketing Cloud Engagement vulnerabilities
5 known vulnerabilities affecting salesforce/marketing_cloud_engagement.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5
Vulnerabilities
Page 1 of 1
CVE-2026-22583P2CRITICALCVSS 9.8fixed in 2026-01-21fixed in January 21, 20262026-01-24
CVE-2026-22583 [CRITICAL] CWE-88 CVE-2026-22583: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (CloudPagesUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.
nvd
CVE-2026-22582P2CRITICALCVSS 9.8fixed in 2026-01-21fixed in January 21, 20262026-01-24
CVE-2026-22582 [CRITICAL] CWE-88 CVE-2026-22582: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (MicrositeUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.
nvd
CVE-2026-2298P2CRITICALCVSS 9.4fixed in January 30th, 20262026-03-23
CVE-2026-2298 [CRITICAL] CWE-88 CVE-2026-2298: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 30th, 2026.
nvd
CVE-2026-22586P3CRITICALCVSS 9.8fixed in 2026-01-21fixed in January 21, 20262026-01-24
CVE-2026-22586 [CRITICAL] CWE-321 CVE-2026-22586: Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, For
Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.
nvd
CVE-2026-22585P3CRITICALCVSS 9.8fixed in 2026-01-21fixed in January 21, 20262026-01-24
CVE-2026-22585 [CRITICAL] CWE-327 CVE-2026-22585: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagem
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.
nvd