CVE-2025-10875 is a security vulnerability classified under CWE-1427, which involves improper neutralization of input used for large language model (LLM) prompting in Salesforce Mulesoft Anypoint Code Builder. The vulnerability exists in versions prior to 1.11.6 and allows an attacker to inject malicious code by manipulating inputs that are incorporated into prompts sent to an LLM within the Code Builder environment. This improper input handling can lead to code injection, potentially enabling unauthorized code execution or manipulation of the development environment. Mulesoft Anypoint Code Builder is a cloud-based integrated development environment (IDE) used for building and managing APIs and integrations, making it a critical tool in many enterprise workflows. The vulnerability arises because the input used for LLM prompting is not properly sanitized or neutralized, allowing crafted inputs to alter the intended behavior of the LLM and execute arbitrary code. Although no public exploits have been reported, the nature of this vulnerability means that attackers could leverage it to compromise the integrity of code artifacts, inject malicious logic into integration flows, or disrupt development processes. The vulnerability does not require authentication or user interaction, which increases the risk of exploitation. The lack of a CVSS score means severity must be assessed based on impact and exploitability factors. The vulnerability affects confidentiality, integrity, and availability by potentially allowing unauthorized code execution and manipulation of development assets. The scope is broad as it affects all users of vulnerable versions of Mulesoft Anypoint Code Builder. Given the critical role of this tool in enterprise integration, exploitation could have cascading effects on connected systems and services.

For European organizations, exploitation of this vulnerability could lead to unauthorized code execution within the Mulesoft Anypoint Code Builder environment, compromising the integrity of integration workflows and APIs. This could result in injection of malicious code into production systems, data breaches, or service disruptions. Confidentiality could be impacted if sensitive data is exposed or exfiltrated through compromised integrations. Integrity risks include unauthorized modification of business logic and workflows, potentially leading to financial loss or operational failures. Availability could be affected if injected code disrupts or disables critical integration services. Given the widespread use of Mulesoft in sectors such as finance, manufacturing, and public services across Europe, the vulnerability poses a significant risk to critical infrastructure and business continuity. The lack of known exploits provides a window for proactive mitigation, but the ease of exploitation without authentication increases urgency. Organizations relying heavily on Mulesoft for API management and integration should prioritize addressing this vulnerability to prevent potential supply chain and development environment compromises.

1. Immediately upgrade Mulesoft Anypoint Code Builder to version 1.11.6 or later, where the vulnerability is patched. 2. Implement strict input validation and sanitization on all user-supplied data that may be used in LLM prompts to prevent injection of malicious content. 3. Restrict access to the Code Builder environment using network segmentation and strong access controls to limit exposure. 4. Monitor development environments for unusual activity or unexpected code changes that could indicate exploitation attempts. 5. Educate developers and DevOps teams about the risks of injecting untrusted input into LLM prompts and enforce secure coding practices. 6. Employ runtime application self-protection (RASP) or similar tools to detect and block anomalous code execution within development environments. 7. Review and audit integration workflows and API configurations for signs of tampering following the vulnerability disclosure. 8. Coordinate with Salesforce support and subscribe to security advisories for timely updates and patches.