CYBERHAWK / CVE / CVE-2026-20253

CVE-2026-20253

CRITICAL CVSS 9.8 other

The flaw

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.<br

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-20253

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

In the news

Multiple Splunk Enterprise Vulnerabilities Allow Attackers to Execute Malicious ScriptCyberSecurityNews · 2026-06-11
Splunk Products Multiple VulnerabilitiesHong Kong Computer Emergency Response Team Coordination Centre · 2026-06-12
Splunk, Palo Alto Networks Patch Severe VulnerabilitiesSecurityWeek · 2026-06-11

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits