Skip to main content

Splunk Products Multiple Vulnerabilities

Last Update Date: 22 Jun 2026 Release Date: 12 Jun 2026 11899 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Splunk products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, security restriction bypass and cross-site scripting on the targeted system.

 

Note: 

CVE-2026-20253 is being exploited in the wild, and Proof of Concept exploit code is publicly available. An unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Hence, the risk level is rated as High Risk.

 

[Updated on 2026-06-16]

Updated Description and Related Links.

 

[Updated on 2026-06-22]

Updated Risk Level, Description and Related Links.


Impact

  • Security Restriction Bypass
  • Information Disclosure
  • Cross-Site Scripting

System / Technologies affected

  • Splunk Enterprise versions below
    • 10.0.7
    • 10.2.4
    • 9.3.13
    • 9.4.12
  • Splunk Cloud Platform versions below 
    • 9.3.2411.131
    • 9.3.2411.132
    • 10.0.2503.14
    • 10.1.2507.22
    • 10.1.2507.23
    • 10.2.2510.14
    • 10.2.2510.15
    • 10.3.2512.11
    • 10.3.2512.12
    • 10.3.2512.13
    • 10.4.2604.0
    • 10.4.2604.3

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link