Salesforce has identified five critical vulnerabilities (CVEs) related to configuration weaknesses in its services, exposing customers to risks like unauthorized access and session hijacking. While these CVEs are tied to core components such as Flexcards and Data Mappers, 16 other issues were classified as customer misconfigurations, emphasizing the need for users to enforce proper security measures. Experts urge organizations to rigorously assess their configurations to prevent potential exploits.