Salesforce Patches CRM Data Exfiltration Vulnerability

Joseph K
Sep 26, 2025
1 min read

Salesforce patched a vulnerability involving its Agentforce agentic artificial intelligence tool that would have allowed attackers to steal customer data and leads being stored in the CRM system.

A report from AI security platform vendor Noma Labs details a chain of indirect prompt injection vulnerabilities it discovered and dubbed ForcedLeak. Researchers reported the flaw to the CRM giant on July 28, calculating that it would have a CVSS-equivalent score of 9.4.

https://www.bankinfosecurity.com/salesforce-patches-crm-data-exfiltration-vulnerability-a-29578

Salesforce Patches CRM Data Exfiltration Vulnerability

Comments

Recent Posts

Snowflake Shares Soar on Q1 Earnings Beat and Massive $6 Billion AWS Deal

AWS Research Warns AI Agents Are "Flying Blind" Without Standardized Benchmarks

Pinterest Signs Massive $4 Billion AI Infrastructure Deal with AWS

Salesforce AI Push With Anthropic And Contentful Meets Undervalued Share Price

Contentful is a shot in the arm for Salesforce's 'headless' bet

Headquarters

Seoul Office